urlscan.io logo urlscan.io
SecurityTrails logo

dacota.tw Open in urlscan Pro
103.153.177.11  Public Scan

Go To Rescan Add Verdict Report
URL: https://dacota.tw/blog/post/antdownload-2
Submission: On October 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 88 IPs in 16 countries across 74 domains to perform 419 HTTP transactions. The main IP is 103.153.177.11, located in Taiwan and belongs to AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW. The main domain is dacota.tw.
TLS certificate: Issued by R3 on September 23rd 2023. Valid for: 3 months.
This is the only time dacota.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
29 103.153.177.11 131657 (AS-FASTLI...)
40 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:bdf::45 8075 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 54.235.188.253 14618 (AMAZON-AES)
20 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 103.224.182.253 133618 (TRELLIAN-...)
2 146.75.116.193 54113 (FASTLY)
10 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
1 16 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 184.31.93.220 16625 (AKAMAI-AS)
10 2a00:1450:400... 15169 (GOOGLE)
8 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 35.244.138.40 15169 (GOOGLE)
3 3.38.235.130 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:d::2 44788 (ASN-CRITE...)
1 2600:9000:225... 16509 (AMAZON-02)
1 65.9.66.122 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 162.19.138.83 16276 (OVH)
1 52.222.236.10 16509 (AMAZON-02)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 54.217.255.105 16509 (AMAZON-02)
1 178.250.7.13 44788 (ASN-CRITE...)
1 3.75.62.37 16509 (AMAZON-02)
3 104.208.76.145 8075 (MICROSOFT...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
36 2a00:1450:400... 15169 (GOOGLE)
3 35.244.159.8 15169 (GOOGLE)
1 43.200.46.95 16509 (AMAZON-02)
1 2 211.249.220.158 9457 (DREAMX-AS...)
10 36 142.250.186.98 15169 (GOOGLE)
1 103.243.202.190 45974 (NHN-AS-KR...)
1 133.186.12.16 10010 (TOKAI TOK...)
3 2a00:1450:400... 15169 (GOOGLE)
2 11 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:d::13 44788 (ASN-CRITE...)
2 4 46.228.164.11 56396 (AMOBEE)
3 3 52.57.181.189 16509 (AMAZON-02)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
3 3 37.157.2.228 198622 (ADFORM)
2 3 51.38.120.206 16276 (OVH)
1 4 23.205.93.33 16625 (AKAMAI-AS)
11 104.199.137.103 396982 (GOOGLE-CL...)
2 142.250.74.194 15169 (GOOGLE)
1 178.250.1.6 44788 (ASN-CRITE...)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
3 5 104.18.26.193 13335 (CLOUDFLAR...)
4 5 185.89.210.101 29990 (ASN-APPNEX)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
30 2a00:1450:400... 15169 (GOOGLE)
2 35.71.131.137 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
3 3 178.250.7.11 44788 (ASN-CRITE...)
2 35.227.252.103 15169 (GOOGLE)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
3 3 46.228.174.117 56396 (AMOBEE)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 213.155.156.180 1299 (TWELVE99 ...)
2 2 76.223.111.18 16509 (AMAZON-02)
1 185.86.138.154 201081 (SMARTADSE...)
1 3.71.157.32 16509 (AMAZON-02)
4 172.217.18.2 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2600:1901:0:7... 396982 (GOOGLE-CL...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 34.243.151.27 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 216.52.2.6 32475 (SINGLEHOP...)
1 1 35.214.145.237 15169 (GOOGLE)
2 2 142.250.185.230 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 167.233.13.224 24940 (HETZNER-AS)
2 23.212.218.19 16625 (AKAMAI-AS)
1 2a02:cb40:200... 20546 (SOPRADO-ANY)
5 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
4 2600:1f18:1ac... 14618 (AMAZON-AES)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 2600:9000:211... 16509 (AMAZON-02)
2 13.43.154.56 16509 (AMAZON-02)
2 45.32.50.234 20473 (AS-CHOOPA)
1 18.66.122.63 16509 (AMAZON-02)
1 99.86.4.52 16509 (AMAZON-02)
2 18.135.155.178 16509 (AMAZON-02)
419 88
29    103.153.177.11 (Taiwan)

ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW)
PTR: 103-153-177-11.as131657.net
dacota.tw
40    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
a.breaktime.com.tw
3    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    54.235.188.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-188-253.compute-1.amazonaws.com
embedr.flickr.com
20    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
img.dacota.tw
power.adhacker.online
cell.adbottw.net
1    103.224.182.253 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-253.above.com
images.zi.org.tw
2    146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
s.imgur.com
10    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
16    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    184.31.93.220 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-93-220.deploy.static.akamaitechnologies.com
static.dable.io
images.dable.io
10    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
4    2a00:1450:400c:c03::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
15    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    35.244.138.40 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 40.138.244.35.bc.googleusercontent.com
alliance.breaktime.com.tw
3    3.38.235.130 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-38-235-130.ap-northeast-2.compute.amazonaws.com
api.dable.io
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:2250:800:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    2600:9000:223c:7400:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
connectid.analytics.yahoo.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
id5-sync.com
1    52.222.236.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-10.fra56.r.cloudfront.net
widgets.flickr.com
1    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    54.217.255.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-255-105.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    104.208.76.145 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
powerads.breaktime.com.tw
1    2606:4700:3036::6815:eb9 (United States)

ASN13335 (CLOUDFLARENET, US)
breaktime.tw
36    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
tpc.googlesyndication.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
1    43.200.46.95 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-200-46-95.ap-northeast-2.compute.amazonaws.com
r-log.dable.io
2    211.249.220.158 (Korea, Republic Of)

ASN9457 (DREAMX-AS DREAMLINE CO., KR)
analytics.ad.daum.net
act.ds.kakao.com
36    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
1    103.243.202.190 (Korea, Republic Of)

ASN45974 (NHN-AS-KR NHNCLOUD, KR)
cm-exchange.toast.com
1    133.186.12.16 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p016.net133186012.broadline.ne.jp
cs.gssprt.jp
3    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
11    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
4    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
3    52.57.181.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-181-189.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    2a05:d018:d29:3605:baeb:931e:26a0:842 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    37.157.2.228 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
4    23.205.93.33 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-93-33.deploy.static.akamaitechnologies.com
sync.teads.tv
11    104.199.137.103 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.137.199.104.bc.googleusercontent.com
brain.adbot.tw
cell.adbot.tw
2    142.250.74.194 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
www.googleadservices.com
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
5    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
5    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
24    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
30    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    85.114.159.118 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    213.155.156.180 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    3.71.157.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-157-32.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
prod-rtb.ad4mat.net
4    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    34.243.151.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-151-27.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    35.214.145.237 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 237.145.214.35.bc.googleusercontent.com
csync.loopme.me
2    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
2    23.212.218.19 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-218-19.deploy.static.akamaitechnologies.com
www.awin1.com
1    2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)
t.adcell.com
5    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2600:9000:223f:c800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    2600:1f18:1aca:4281:a723:103f:3bdb:6540 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    2606:4700:3032::6815:3fd5 (United States)

ASN13335 (CLOUDFLARENET, US)
gene.breaktime.com.tw
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2600:9000:211e:4600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    13.43.154.56 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-43-154-56.eu-west-2.compute.amazonaws.com
track.webgains.com
2    45.32.50.234 (Japan)

ASN20473 (AS-CHOOPA, US)
PTR: 45.32.50.234.vultrusercontent.com
learning.adbot.tw
1    18.66.122.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-63.fra60.r.cloudfront.net
analytics.webgains.io
1    99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net
cdn.track.production.webgains.team
2    18.135.155.178 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-155-178.eu-west-2.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
77 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
ad.doubleclick.net — Cisco Umbrella Rank: 173
519 KB
76 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
761 KB
42 dacota.tw
dacota.tw
img.dacota.tw
695 KB
30 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
870 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 34439
ad4m.at — Cisco Umbrella Rank: 12024
assets.ad4m.at — Cisco Umbrella Rank: 44524
1 MB
15 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
63 KB
14 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
www.google.com — Cisco Umbrella Rank: 2
878 B
13 adbot.tw
brain.adbot.tw — Cisco Umbrella Rank: 848664
learning.adbot.tw
cell.adbot.tw
51 KB
13 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
991 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
499 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 895
gum.criteo.com — Cisco Umbrella Rank: 478
mug.criteo.com — Cisco Umbrella Rank: 2541
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10275
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15502
dis.criteo.com — Cisco Umbrella Rank: 648
9 KB
8 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1153
static.adsafeprotected.com — Cisco Umbrella Rank: 720
dt.adsafeprotected.com — Cisco Umbrella Rank: 658
100 KB
8 breaktime.com.tw
a.breaktime.com.tw — Cisco Umbrella Rank: 358507
alliance.breaktime.com.tw — Cisco Umbrella Rank: 367468
powerads.breaktime.com.tw — Cisco Umbrella Rank: 400858
gene.breaktime.com.tw
123 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1906
google-bidout-d.openx.net — Cisco Umbrella Rank: 1919
rtb.openx.net — Cisco Umbrella Rank: 912
us-u.openx.net — Cisco Umbrella Rank: 547
1 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
258 KB
6 dable.io
static.dable.io — Cisco Umbrella Rank: 29426
api.dable.io — Cisco Umbrella Rank: 26281
r-log.dable.io — Cisco Umbrella Rank: 32625
images.dable.io — Cisco Umbrella Rank: 39216
39 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 379
104 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
secure.adnxs.com — Cisco Umbrella Rank: 542
4 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
3 KB
5 adhacker.online
power.adhacker.online — Cisco Umbrella Rank: 335013
23 KB
4 ad4mat.net
static-de.ad4mat.net — Cisco Umbrella Rank: 206436
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 161993
8 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1584
776 B
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
r.turn.com — Cisco Umbrella Rank: 4738
2 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 33897
api.webgains.io — Cisco Umbrella Rank: 91885
18 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 985
s.tribalfusion.com — Cisco Umbrella Rank: 2451
2 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
827 B
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 643
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1069
3 KB
3 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 5736
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
9 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
www.googleadservices.com — Cisco Umbrella Rank: 153
599 B
3 flickr.com
embedr.flickr.com — Cisco Umbrella Rank: 78008
widgets.flickr.com — Cisco Umbrella Rank: 119000
13 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
2 KB
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 59583
2 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18074
1 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 434
956 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5121
647 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 649
2 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 967
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
297 B
2 adbottw.net
cell.adbottw.net — Cisco Umbrella Rank: 382452
12 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1164
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073
12 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9717
43 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1156
id5-sync.com — Cisco Umbrella Rank: 470
30 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6147
515 B
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3047
pixel.wp.com — Cisco Umbrella Rank: 2968
3 KB
2 imgur.com
s.imgur.com — Cisco Umbrella Rank: 43445
4 KB
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 109006
15 KB
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 893
238 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
457 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2268
172 B
1 adcell.com
t.adcell.com — Cisco Umbrella Rank: 64125
273 B
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 93025
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 83080
437 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 82854
262 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
415 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3431
104 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
146 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 951
75 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50844
609 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343
574 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617
583 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8325
552 B
1 gssprt.jp
cs.gssprt.jp — Cisco Umbrella Rank: 17636
82 B
1 toast.com
cm-exchange.toast.com — Cisco Umbrella Rank: 9890
624 B
1 kakao.com
act.ds.kakao.com — Cisco Umbrella Rank: 50106
491 B
1 daum.net
analytics.ad.daum.net — Cisco Umbrella Rank: 44792
567 B
1 breaktime.tw
breaktime.tw — Cisco Umbrella Rank: 366557
745 B
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1319
5 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2587
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2931
3 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2118
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
1 KB
1 zi.org.tw
images.zi.org.tw
419 74
Domain Requested by
40 pagead2.googlesyndication.com dacota.tw
pagead2.googlesyndication.com
www.googletagmanager.com
googleads.g.doubleclick.net
88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
s0.2mdn.net
36 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
31 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
dacota.tw
tpc.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
30 s0.2mdn.net dacota.tw
s0.2mdn.net
88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
29 dacota.tw dacota.tw
16 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
dacota.tw
88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
15 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
dacota.tw
88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
13 img.dacota.tw dacota.tw
13 www.googletagmanager.com dacota.tw
www.googletagmanager.com
www.google-analytics.com
breaktime.tw
12 assets.ad4m.at as.ad4m.at
11 www.google.com 2 redirects googleads.g.doubleclick.net
securepubads.g.doubleclick.net
88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
dacota.tw
tpc.googlesyndication.com
10 brain.adbot.tw dacota.tw
brain.adbot.tw
10 www.google-analytics.com dacota.tw
www.google-analytics.com
www.googletagmanager.com
10 www.googletagservices.com dacota.tw
www.googletagmanager.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 region1.google-analytics.com www.googletagmanager.com
5 power.adhacker.online a.breaktime.com.tw
www.googletagmanager.com
4 dt.adsafeprotected.com 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
dacota.tw
4 googleads4.g.doubleclick.net dacota.tw
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 sync.teads.tv 1 redirects googleads.g.doubleclick.net
4 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
4 fonts.gstatic.com fonts.googleapis.com
3 dis.criteo.com 3 redirects
3 onetag-sys.com 2 redirects 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
3 c1.adform.net 3 redirects
3 pm.w55c.net 3 redirects
3 www.gstatic.com googleads.g.doubleclick.net
3 powerads.breaktime.com.tw power.adhacker.online
3 api.dable.io static.dable.io
3 region1.analytics.google.com www.googletagmanager.com
3 fonts.googleapis.com dacota.tw
googleads.g.doubleclick.net
brain.adbot.tw
3 a.breaktime.com.tw dacota.tw
brain.adbot.tw
2 api.webgains.io analytics.webgains.io
2 learning.adbot.tw brain.adbot.tw
2 track.webgains.com as.ad4m.at
2 static.adsafeprotected.com 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
2 www.awin1.com as.ad4m.at
2 ad.doubleclick.net 2 redirects
2 ap.lijit.com 2 redirects
2 a.tribalfusion.com 1 redirects 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects dacota.tw
2 prod-rtb.ad4mat.net 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
2 us-u.openx.net googleads.g.doubleclick.net
2 static-de.ad4mat.net as.ad4m.at
2 eb2.3lift.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.1rx.io 2 redirects
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
2 match.adsrvr.org 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
2 www.googleadservices.com dacota.tw
2 cell.adbottw.net www.googletagmanager.com
brain.adbot.tw
2 r.turn.com googleads.g.doubleclick.net
88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects dacota.tw
2 www.google.de dacota.tw
2 s.imgur.com dacota.tw
s.imgur.com
2 embedr.flickr.com dacota.tw
embedr.flickr.com
1 cell.adbot.tw brain.adbot.tw
1 cdn.track.production.webgains.team as.ad4m.at
1 analytics.webgains.io track.webgains.com
1 s.ad.smaato.net 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 tr.blismedia.com 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
1 gene.breaktime.com.tw brain.adbot.tw
1 t.adcell.com as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 csync.loopme.me 1 redirects
1 s.tribalfusion.com 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
1 dclk-match.dotomi.com 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
1 x.bidswitch.net 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
1 ssbsync.smartadserver.com 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 secure.adnxs.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 rtb.nl3.eu.criteo.com dacota.tw
1 cat.nl3.eu.criteo.com dacota.tw
1 pr-bh.ybp.yahoo.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 imageproxy.eu.criteo.net googleads.g.doubleclick.net
1 cs.gssprt.jp dacota.tw
1 cm-exchange.toast.com dacota.tw
1 images.dable.io dacota.tw
1 act.ds.kakao.com dacota.tw
1 analytics.ad.daum.net 1 redirects
1 r-log.dable.io static.dable.io
1 google-bidout-d.openx.net oa.openxcdn.net
1 breaktime.tw www.googletagmanager.com
1 ups.analytics.yahoo.com connectid.analytics.yahoo.com
1 mug.criteo.com dacota.tw
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 bidder.criteo.com static.criteo.net
1 widgets.flickr.com embedr.flickr.com
1 id5-sync.com cdn.id5-sync.com
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 alliance.breaktime.com.tw a.breaktime.com.tw
1 pixel.wp.com dacota.tw
1 partner.googleadservices.com pagead2.googlesyndication.com
1 static.dable.io dacota.tw
1 stats.wp.com dacota.tw
1 images.zi.org.tw dacota.tw
419 118

This site contains links to these domains. Also see Links.

Domain
www.kelongwo.com
download.mcloud.139.com
line.naver.jp
www.facebook.com
www.fast-line.tw
Subject Issuer Validity Valid
dacota.tw
R3		 2023-09-23 -
2023-12-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
a.breaktime.com.tw
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-03 -
2024-02-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
flickr.com
Amazon RSA 2048 M01		 2023-03-07 -
2024-04-04		 a year crt.sh
tbox.tv
R3		 2023-08-17 -
2023-11-15		 3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-13 -
2024-03-12		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
static.dable.io
R3		 2023-09-19 -
2023-12-18		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
adhacker.online
E1		 2023-09-15 -
2023-12-14		 3 months crt.sh
breaktime.com.tw
R3		 2023-09-07 -
2023-12-06		 3 months crt.sh
*.dable.io
Sectigo ECC Domain Validation Secure Server CA		 2022-11-17 -
2023-11-17		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-08-26 -
2023-11-24		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2023-08-15 -
2024-02-08		 6 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.toast.com
Sectigo RSA Organization Validation Secure Server CA		 2023-07-10 -
2024-08-09		 a year crt.sh
cs.gssprt.jp
GeoTrust RSA CA 2018		 2023-01-06 -
2024-02-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
adbottw.net
E1		 2023-09-08 -
2023-12-07		 3 months crt.sh
brain.adbot.tw
R3		 2023-09-30 -
2023-12-29		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-09-26 -
2023-12-25		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
adcell.com
Certum Domain Validation CA SHA2		 2023-07-28 -
2024-07-27		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
learning.adbot.tw
R3		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03		 2023-08-30 -
2024-09-27		 a year crt.sh
cell.adbot.tw
R3		 2023-09-30 -
2023-12-29		 3 months crt.sh

This page contains 38 frames:

Primary Page: https://dacota.tw/blog/post/antdownload-2
Frame ID: D923029DD0D6FCF3D866DAD2BD235238
Requests: 165 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 1232F61C84B9C66BC2694399C7294148
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&adk=1812271804&adf=3025194257&lmt=1696985961&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993160611&bpp=631&bdt=247&idt=1040&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7798919204589&frm=20&pv=2&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1144
Frame ID: 6CBB5F4803542383B40E092FFB289EDC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&h=250&slotname=3949631173&adk=309144408&adf=1948988595&pi=t.ma~as.3949631173&w=300&lmt=1696985962&format=300x250&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993162310&bpp=3&bdt=1946&idt=3&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1063&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MWJnRO968m&p=https%3A//dacota.tw&dtd=43
Frame ID: E8666B28462A6F74FC4F42BD1F4A90BE
Requests: 14 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=dacota.tw
Frame ID: 5A7883F3376E1239F8F1761C34301238
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=280&slotname=7466582712&adk=4156446376&adf=1840067851&pi=t.ma~as.7466582712&w=800&fwrn=4&fwrnh=100&lmt=1696985963&rafmt=1&format=800x280&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=3&bdt=2815&idt=-M&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250&nras=1&correlator=7798919204589&frm=20&pv=2&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=3774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NnqDJpnizG&p=https%3A//dacota.tw&dtd=22
Frame ID: 134A37DBBD7C1DF21728AB644208B053
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Frame ID: BB76278DABDC8F69FDD6E079F75D2E3B
Requests: 16 HTTP requests in this frame

Frame: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 549719A619AB4C5D7B53E4D09A245EA2
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F2C60881FB6F8EEA412C3FC07BD66C8E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupeGKLOfDLn6Hdl_shI9F6fgkW1Da8b0JNEqsVna4oogeCa59uGl0NAidmkrrruTa_JTH8Tq_xzY-jkfdooETH-GOYIHmi3m1aSI-9E-XGNVPgLUnoLnH5sud_wVqiftbi-EnCHQO9sHnV_heWv2b59Us6ZBz8_M_fnG0unjCFQXGuATWynGt8Xjcl3tAF8kg9rUpLKqGHaK8hY26TUv8rpW-1Xc3XnF5T9s952pG4wId95vsJ8U-bs9qAK4EbwjVfebTBtLnkFgewFZe21YgnotMOSfQBvpqfP5ep4wTN1bXq_1Yiu0p6gvnaVCk&sai=AMfl-YSVSKf2Ftq9zB7eNvJD1AmJm6MUzuC0SiRchPZbzsitHX9oH38Gz502NY4SNR9FZX8EPWCUQDfaG-EbVxhmINRRAYt1b4z1uOfi7iE9EyE0hlWEfqO98_EHC1DGkC8&sig=Cg0ArKJSzLl_ikT5H431EAE&uach_m=[UACH]&adurl=
Frame ID: B8EB1872515892CAC2CB91BF7533EDF9
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ACC52788B9577B0C53558C742460C1E0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E62BA7CAC091AB9E048C08979FA4FA52
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Frame ID: A2FA726CB35B56AD26C018E2FA97675B
Requests: 1 HTTP requests in this frame

Frame: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FD5E6120BD1942794B3F44A0BACF1FEC
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGPGF8vkBMAE&v=APEucNXYaWKX9G3IAq0uJW-8VoB96EHxgk4rNvFDLWn72W0B8Oo4WewVA2Dbyjb5n5CQCA1LdMdaQEbuFncp2ppjdgvAuAoKbDFRr5Gb-mG1EPpaDJxbgJMHYWkQSLr5rP1UAptvuhZp1HPaL0c6p4yEDWgdJ4M7Bg3Kow5M4sjLf5y80dBT_Ws
Frame ID: F698BCD40CBAB84EB651125FCA213B55
Requests: 5 HTTP requests in this frame

Frame: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 76FF8E413476CBF726E9F0CBACFF77B1
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gyvfq4t6hy68pqys6rrxf1j7zcpfgy6z7z6ps96vnek9zrbv4m09610kgr3dq5yx3e7cv2jp6h57m7t8pp8b1gq711m9b7832py9ezdev4szeh25zq2b6j2hg7p0gv8ehp3nchv9jge3jp0sxtzep8t62rbr688jeb962834x2033z1wynn3hjvf44xbn85rv50bzqt3qb6mn5ac26dr77btjdw85x2pxa8cck5svxrek2mrsxbbmn7x47frefbew2wxw0qkxbh8d5x24y6z6mcfw67nwy5nb5qh21pvhq9gw40m9m789r910h2p12wk9ce1v9fe4dvsy48qcx9sy6knzpxjas8pcqhefvj2eqmr0c8a41q6tse6brzr1mc3w2r5492pvmqv8gqd0mc8ff12f9fja7dnhemwp1saq7015yxekgcmn46p47975sbngd126zzst5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%26client%3Dca-pub-7968146525597976%26adurl%3D
Frame ID: 1F0891FB48251FAF851865A1C2A59A79
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E72CBA631E5FE71CD938795310CDCE41
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 84ED04339F9E98B6779EEC65DFFFB698
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 105DC5C39ED6DBC40384EC9CEE4822AF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3465022879399501747/index.html?ev=01_250
Frame ID: FC5F2EAC8224F2AF3D27B0D319300BC5
Requests: 8 HTTP requests in this frame

Frame: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B72242952A7D5259FD55140F089DA9C3
Requests: 25 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4A38C7BB031926996E9EC2D98D5B26C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLLfn9wBMAE&v=APEucNW3ZWwBEr87ZAjXJvMqvxsKvgYXXWGd_sMQCPpCOKtpldn8r-5mTsTkfRWSktHeoeFFteKo_-5H09fZHPnHPpaCgwI5RtZgt3O-5WDuZCYEE4fbsGbCJU5SvgBnGefLqxKXws3iA8U-G0B-3gi8NGAkrYAiooJF-x5OsSJ-1GQ9EzMjAkg
Frame ID: 7568DA7D44606C3DD2FCB040BEB62CB7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6F945AD8B2E6C09450C960057FC64A31
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C482267&b=bQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23RE%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=32MFpf4fZrZU7HrHAtXC997fPSWTK3XCArQe%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=0366c6edd6b4a66b06162feceb6aa7eb%2F3930020296077906379&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993166013&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghkd2jyd6hyaqsq7rvdpmazd3e1b6trgmc1j5rwy693ykyhxm8rb4q6asr8s7vbcay12dtmqfez6cwkjcza2yja9hv9w9cvsebyzb3f7mbmapc9q85c1wtxbyaz38vazs6j8372yr7zenb0rpgzt42fegh6b54ty17ckvf4ese6jab8c1vayxqpv8a3crrwkeyms6qe93ww1p61ddava44ynkkaept08s5dn2k06zkf452f4e2nnktvpcx2882nc2wxpqtpfwxdmw7wnvgvx1mnq8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Frame ID: 9ED5B1BE724C7C1C0391AAEA82CDF9A4
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
Frame ID: F386182A252F75629A7E4434EFA5DCE0
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C694F01B4A2C02229563FF222BBC60DC
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: FF4A8125CF597D779C73DB5BF58737DB
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: CB0B0FEC5BC9C2474B0142592767ECBD
Requests: 1 HTTP requests in this frame

Frame: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DAC45824C7A47F9ACA0A506AB6AF52D6
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kmt80fe61y6h3scfhn23wytzrq9e6v0wh88187em5ccjazs0sz6552xtkhxfcpxpctafd8j6reg7p4scew9ps23ybkd8hfssm8f5a3et0mws1wb700wa0hx97c0c0fsqq9w8b60qhp5czz88g43mmb4vb7esc42pyh2jm2fn8mjzeshgxbtgj0kyatmcsmhkcfc1bg51a2qysbedxa0p82k0tjk3m86wsq5jkht670gnmytwf9kssh7d4xd6tn6d6jcaebx0varq0w3rnzkz7pj3gwt6pvp1rjmgv9s2jaj1ycynwaeepr1y09ky5e8b8r59mbb5t5hs176vjny7bahjf6cnyfv9xm7tfrzzadnfwv1xx0c8spbnmcg19s7g2yef0vsdrzyvt2qe5e4kx1gm6ftjgd6fatf54mpw87ncr06y87tefpvbvy8cj51x10fd7fekeb0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%26client%3Dca-pub-7968146525597976%26adurl%3D
Frame ID: 97E4F62FA82C9987CF0D9D2E53C61A10
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3544409E7E403ACE093F8BFF5656E684
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Frame ID: 453AE03BC1CE383E92E78724D9902CD8
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 9D2DCC366BE915F3ADCB66C882CBC5A1
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C183975&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=300&d=250&e=&g=3c91070b0242c757c02eeac75cf1ad1e%2F10874526469593299201&i=71725%2C29981%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993167635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hy6q8k66h854hhz8mpz84ed79zgzracg8mgbb9kqmgan3s4ay040qmgxwz47y47qcsv44c2cjctvaw746yt4k2kqb12zrx8mnq055y4rm1jbn6bt8zppq9ps6045trermzpfeqd6x9k51p6wcmj963rrrbz6n5r97zrdba9pqtgp9df7k03ke2c8e10qghj8pdcywxd1x9bq88drmckx24e00rz8cx9m86txwnyn2tjyggmbk6xdpzc5aa9jvkbtcbn61tw7kj7q4dngj9gmdwjxg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Frame ID: 6F7739FCB19C4650237CCF1BDFC85972
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A454A5C0C93165EDA7F722D05FDA7F4E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 51D1A442D05080423F2E12DC6309022F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

2023 台灣下載百度網盤,免費免登入、還不限速的下載工具

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

419
Requests

91 %
HTTPS

40 %
IPv6

74
Domains

118
Subdomains

88
IPs

16
Countries

6734 kB
Transfer

14339 kB
Size

69
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&rid=esp&cc=1
Request Chain 102
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=dacota.tw&sn=ChromeSyncframe&so=0&topUrl=dacota.tw&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=gV1ffHxDcUpRY25CbHpPMnFvb1hTMmVXTzhaQ0JrZmh5ZkdFNnhFNmZnb0p4cGh3WlRHQWNiOE9YQi9Id0VPRnZDWldndjZObUY1ZG1iYnhaNVJ6N0lsQldlU2FSZ014bWE4MlRsYUdKY0NQR3Q5b1BQQ2pnU3c2YUVjNHpIS21WeGl1UndYYzJqdThaNUx5SHVnSEowWlI3YkF1WGFOc1BQaFdTM3hOK2dHc1VGWTZQcGhhNFR5QlJxVUE5c1Rybk82bS83OHRqM21PMFpRcmVKVmloYzM3WDQxaGNwKzNjUWVleHNmeWU2d2xENjBrSXp4UW9DSXh3bFZxUFJ2b21HWFViaUp6b1ViSE9GU291bm00dS81anEzQT09fA&cppv=2
Request Chain 121
  • https://analytics.ad.daum.net/match?d=111&uid=00000000.0000000000000 HTTP 307
  • https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220231011%22,%22u%22:%2200000000.0000000000000%22%7D%7D
Request Chain 122
  • https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
  • https://images.dable.io/1x1.gif?google_gid=CAESENgjfiI_qhK3_PcriTu52lo&google_cver=1
Request Chain 144
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEH8hLv-zjjHHM1lAOVzlaEc&google_cver=1&google_push=AXcoOmRckbU2QQLlGryhCmj3DPgKsv7JQZDPY-PyLxDKpPqq_UUGqK-ZgO867QDNFQfNkfTZGNt3cWj45uUx4tAUnA8c2SoCrUyvQA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzA1ODQzNDM5NTczNTczNjMwMg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJZLFWc3k60irkSi49pAa0w&google_cver=1
Request Chain 145
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK_J9dNbgG5an41mnEaNvxo&google_cver=1&google_push=AXcoOmSnouxUwDtijoVqGu0_WF_3QboOHBFWwqMKuewv7gA7ZNNbuqFmF6ATcXN3ju5KSbJUlEGMgu6YL3y1hOJ_23clU2Z18kpTtw HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK_J9dNbgG5an41mnEaNvxo&google_cver=1&google_push=AXcoOmSnouxUwDtijoVqGu0_WF_3QboOHBFWwqMKuewv7gA7ZNNbuqFmF6ATcXN3ju5KSbJUlEGMgu6YL3y1hOJ_23clU2Z18kpTtw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dXU1VE9hcWUxUVFwcnQ1&google_gid=CAESEK_J9dNbgG5an41mnEaNvxo&google_cver=1&google_push=AXcoOmSnouxUwDtijoVqGu0_WF_3QboOHBFWwqMKuewv7gA7ZNNbuqFmF6ATcXN3ju5KSbJUlEGMgu6YL3y1hOJ_23clU2Z18kpTtw
Request Chain 146
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEOlhy3DFnROVnvNn2NmhYnE&google_cver=1&google_push=AXcoOmRoxjF6GktTP8CGKHtXOxbs7XVTXceBY5z33ufa4to2zwMq0STmR8iB_aStVQuOaWvY0z62wad_tHprTBpCychEtlcO5C5RJA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=kfYBJ7sERioTemOfQ6uYzA&google_push=AXcoOmRoxjF6GktTP8CGKHtXOxbs7XVTXceBY5z33ufa4to2zwMq0STmR8iB_aStVQuOaWvY0z62wad_tHprTBpCychEtlcO5C5RJA
Request Chain 147
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECTnxV2cr3eYEaaH525k6do&google_cver=1&google_push=AXcoOmQro7aZPQ3Rr1yEitkTKoKPdylnA68KvDXOsI6-fwrBydDHseCvu4Cd3HBSVBhDp8PsRFNyY0RccrFR_Ak81Scax05Y7JLS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQro7aZPQ3Rr1yEitkTKoKPdylnA68KvDXOsI6-fwrBydDHseCvu4Cd3HBSVBhDp8PsRFNyY0RccrFR_Ak81Scax05Y7JLS&google_hm=eS10QjZFVkpKRTJwRXpCcm5PbEM5R2dXV1ZjOHFOUFMyd35B
Request Chain 148
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIHN5KdHJ_06j28ycmjsgRk&google_cver=1&google_push=AXcoOmRpKK65ia02-hmgGfM6xsuap0J1y4mcp-E6SYsk-lZnG2VXhip8PHSQR8Y-7aXiuC8qjhidmvIhGr5VEanthDFNsCBC7qk- HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIHN5KdHJ_06j28ycmjsgRk&google_cver=1&google_push=AXcoOmRpKK65ia02-hmgGfM6xsuap0J1y4mcp-E6SYsk-lZnG2VXhip8PHSQR8Y-7aXiuC8qjhidmvIhGr5VEanthDFNsCBC7qk- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEzOTc0NTUwNzM5MzQyMjQ3NQ&google_push=AXcoOmRpKK65ia02-hmgGfM6xsuap0J1y4mcp-E6SYsk-lZnG2VXhip8PHSQR8Y-7aXiuC8qjhidmvIhGr5VEanthDFNsCBC7qk-
Request Chain 149
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAeisCyuHl-fA_Z78NK1lwc&google_cver=1&google_push=AXcoOmS8HZiH0iVzgkv-L8F0z5-am7z8Vu0BARGT-N63zDB0FiNmimimml4HcKI1ox8BQr20iG2yLqSYyqsxd6TVYkyRj9wK5klWQg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS8HZiH0iVzgkv-L8F0z5-am7z8Vu0BARGT-N63zDB0FiNmimimml4HcKI1ox8BQr20iG2yLqSYyqsxd6TVYkyRj9wK5klWQg
Request Chain 150
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEILo-gFXup9PoTHp85HGFcM&google_cver=1&google_push=AXcoOmRAau2lWd3pJFGQEqoUTPwn0QHgv4R_yqjyxtB-hQr_msDrwH4LMFSKY4nSj_VXIAXaDJ25jlmtmA1PfRPNY0xVjoo_2uAmHqo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRAau2lWd3pJFGQEqoUTPwn0QHgv4R_yqjyxtB-hQr_msDrwH4LMFSKY4nSj_VXIAXaDJ25jlmtmA1PfRPNY0xVjoo_2uAmHqo HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 177
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 186
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C8rISig8mZevqGburiQbAs5rYBMmrjapzhv6d8fER8daa_po6EAEgzJSJE2CVwqaCsAegAfT__-kCyAEBqQLrch_bjomyPqgDAcgDywSqBOgBT9DICcszO8suc2AY5WUiApm0Fm3c-QhEW4YBvFA2xcaTkg5WfvtdQopQX3OabM3wk0IzXswhGklKcSj6QXGPOPFFxDqQjgpZFIm5VfaAqakQQ0ilAyMMosexuNW7NSGp1Uh9hpG1nvMPxoSm3A-wgNF9YrChvSk93EZjS0eEm9DscOqxHSOzob8NWLAWlTU788tSm-AMRqdbQ_AePU34N0DJW4WP-KOQeSTGCHh4P9Ft637oX4WSrFe71rfKiNAYm6jPcU6epm5xmTW1UHOGUwLDcPYbLcLxQNUsi_v9ECJ3gNxCh9vx0cAE2KG_6b0EiAXb5Oa6TJIFBAgEGAGSBQQIBRgEgAf0__-VAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELbIJ9IIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqaCUhodHRwczovL3d3dy5tc2MuY29tL2RlL2xwL3NoaXBwaW5nLWZyb20tZ2VybWFueS10by10dXJraXllP2djbHNyYz1hdy5kcyaACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNDAyMTU0NTAxMjAzNDE0NBgA&sigh=RfhrRY8AIek&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNwzHAQbE6X51eprHdPcvOgIbJLbClBIIpoHLD9-7mB0S6msYtlBgVpKo3citAiSglAU4JtEw3GAE&template_id=5028&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213505641945005481452%22,%22debug_reporting%22:true,%22destination%22:%22https://msc.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22759169012%22],%224%22:[%2210-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227387884793132239633%22}&andc=true
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhXx8CQglLQyMvyvlK3j60&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhXx8CQglLQyMvyvlK3j60&google_cver=1&C=1
Request Chain 203
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSYPjfbL8ilQGflWJ.dabAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhXx8CQglLQyMvyvlK3j60&google_cver=1&google_hm=2
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENNGtaSz8eHHcbWIUJK_OY0&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENNGtaSz8eHHcbWIUJK_OY0%26google_cver%3D1
Request Chain 205
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2NTMyMTE1NzY4OTg3OTM1NA%3D%3D
Request Chain 226
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHVFUK2tbNO84gbiG9MBU_8&google_cver=1&google_push=AXcoOmRy5gsy5atuuhLctftyZsvPLyss2dqbu-4HUrfpNQHtFPR7jjAAXkKomxHJJYlatj6G5zdNE5B-oBvENWTxYAxsPdba_ZA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4ODUzMDE0NTIxODE5NzY2MQ%3D%3D&google_push=AXcoOmRy5gsy5atuuhLctftyZsvPLyss2dqbu-4HUrfpNQHtFPR7jjAAXkKomxHJJYlatj6G5zdNE5B-oBvENWTxYAxsPdba_ZA
Request Chain 227
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTGyW28Kg5olwDPxDce4Bz4NWEtE1t0ch8MNrOgWlt7uSolHUp9pZfNCi69F5xrUG_1ZZ6c_hlP9EpkPYnv7jJIDPomAhU&google_gid=CAESEOJDHNb2KXcBshEje7DJ2GA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-dVwyAasaLT_ndxHHUMBKrYEN1U0xXhB64U79Ng&google_push=AXcoOmTGyW28Kg5olwDPxDce4Bz4NWEtE1t0ch8MNrOgWlt7uSolHUp9pZfNCi69F5xrUG_1ZZ6c_hlP9EpkPYnv7jJIDPomAhU
Request Chain 229
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENj2ojMLMeJ86wU5sVYONNQ&google_cver=1&google_push=AXcoOmREsvm6tn4BJVmO7evYXMaid2v1ZEKdb1IbtilivjAsRRQMgWYAewYbvsXC5akgSS1irkWRCmo6KJOq_eUcLRbi1sdvXDAg HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENj2ojMLMeJ86wU5sVYONNQ&google_cver=1&google_push=AXcoOmREsvm6tn4BJVmO7evYXMaid2v1ZEKdb1IbtilivjAsRRQMgWYAewYbvsXC5akgSS1irkWRCmo6KJOq_eUcLRbi1sdvXDAg&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oOhDs88XSLebx_SUSSE_rA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmREsvm6tn4BJVmO7evYXMaid2v1ZEKdb1IbtilivjAsRRQMgWYAewYbvsXC5akgSS1irkWRCmo6KJOq_eUcLRbi1sdvXDAg
Request Chain 230
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKKi8-do_1cNKNMwAWZ-6XU&google_cver=1&google_push=AXcoOmReKC0Nqi4ArBUYPz_DAOXNbUWy4RIUY6mEmLz2bv0DFhPF9W17z6fJxgAmAdbpogn3nVrUy7N9D9kosRWz6FRktueiGYyv HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmReKC0Nqi4ArBUYPz_DAOXNbUWy4RIUY6mEmLz2bv0DFhPF9W17z6fJxgAmAdbpogn3nVrUy7N9D9kosRWz6FRktueiGYyv&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1696993165589 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0a114b25-db00-4a0d-987e-897c333c22d8-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmReKC0Nqi4ArBUYPz_DAOXNbUWy4RIUY6mEmLz2bv0DFhPF9W17z6fJxgAmAdbpogn3nVrUy7N9D9kosRWz6FRktueiGYyv%26google_hm%3DAwoRSyXbAEoNmH6JfDM8Itg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmReKC0Nqi4ArBUYPz_DAOXNbUWy4RIUY6mEmLz2bv0DFhPF9W17z6fJxgAmAdbpogn3nVrUy7N9D9kosRWz6FRktueiGYyv&google_hm=AwoRSyXbAEoNmH6JfDM8Itg
Request Chain 231
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKncHRoSB2kHdEQHj1bQ_WI&google_cver=1&google_push=AXcoOmR_xSzG3BsGdrIH-kDrOb7vM7auw4gsDWSmvTLWLzXuy-5tMiGaVtSKMcOhvEnG8hiO_2yVgG9IUoaFO88Ez2ZWQtF2ZiHQEg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDY2NTMyMTE1NzY4OTg3OTM1NA%3D%3D&google_gid=CAESEKncHRoSB2kHdEQHj1bQ_WI&google_cver=1&google_push=AXcoOmR_xSzG3BsGdrIH-kDrOb7vM7auw4gsDWSmvTLWLzXuy-5tMiGaVtSKMcOhvEnG8hiO_2yVgG9IUoaFO88Ez2ZWQtF2ZiHQEg
Request Chain 234
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEP3izqSvLiBmUSOExe0l2Po&google_cver=1&google_push=AXcoOmTQ1aKe9gdiqJHbzy4v3U4dfY1pcJsQVoaWAdrC22BeE3dFgeHmDhbDcDaoTTGBYLmTT5-gzgJJKvnqDYi3QZ8kP6VlRQGkvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTQ1aKe9gdiqJHbzy4v3U4dfY1pcJsQVoaWAdrC22BeE3dFgeHmDhbDcDaoTTGBYLmTT5-gzgJJKvnqDYi3QZ8kP6VlRQGkvw&google_hm=hdPHitYERICFrPG2mjdeCGs
Request Chain 235
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEGChoUc88xakcG04kUTWv48&google_cver=1&google_push=AXcoOmQQYXi0gbJ_buwCj8Bd7oQYwgA1wBbRmgY00Igl8OFpmHVRdrOQundySlMZO7ruEaleiCBy0l3DTpl2npexKOxxFyHntGuH HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGChoUc88xakcG04kUTWv48&google_cver=1&google_push=AXcoOmQQYXi0gbJ_buwCj8Bd7oQYwgA1wBbRmgY00Igl8OFpmHVRdrOQundySlMZO7ruEaleiCBy0l3DTpl2npexKOxxFyHntGuH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQQYXi0gbJ_buwCj8Bd7oQYwgA1wBbRmgY00Igl8OFpmHVRdrOQundySlMZO7ruEaleiCBy0l3DTpl2npexKOxxFyHntGuH
Request Chain 236
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSmgysg8ofStKr4OjA9HF7wjaCp2-hwSqmvEiclLFf7zLvYHJOKqgLNk-SzY4Dx4wNAZ8LU4QPHFj5EYRAvndsIYXJW903eJA&google_gid=CAESEOJDHNb2KXcBshEje7DJ2GA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-dVwyAasaLT_ndxHHUMBKrYEN1U0xXhB64U79Ng&google_push=AXcoOmSmgysg8ofStKr4OjA9HF7wjaCp2-hwSqmvEiclLFf7zLvYHJOKqgLNk-SzY4Dx4wNAZ8LU4QPHFj5EYRAvndsIYXJW903eJA
Request Chain 237
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELyRySfC_pCANeHzJHhVSJ0&google_cver=1&google_push=AXcoOmQrk1Obm8uRKHc-Vu4MfEmR1_rBcbztb17LRBRL6QQdVeGLQ1u01oHqAlfijOAUbwyLQY91sqU--xO8FFE7t2Wu26XnRRmYpg HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQrk1Obm8uRKHc-Vu4MfEmR1_rBcbztb17LRBRL6QQdVeGLQ1u01oHqAlfijOAUbwyLQY91sqU--xO8FFE7t2Wu26XnRRmYpg&google_gid=CAESELyRySfC_pCANeHzJHhVSJ0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEyNjg0MTU4MTIzNjQxODg2MjQ4Ng%3D%3D&google_push=AXcoOmQrk1Obm8uRKHc-Vu4MfEmR1_rBcbztb17LRBRL6QQdVeGLQ1u01oHqAlfijOAUbwyLQY91sqU--xO8FFE7t2Wu26XnRRmYpg
Request Chain 239
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPkS9_hx8M43dre-_Sa1qNU&google_cver=1&google_push=AXcoOmQldPaD2vAFnOQyJmICnykGea1WpePX5YIwVZSGXdC5su22fSzw5mZoMYwYnP_HGoAULsE_OD4-Qo-5zsweuF-MiHpaUyvWwEI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQldPaD2vAFnOQyJmICnykGea1WpePX5YIwVZSGXdC5su22fSzw5mZoMYwYnP_HGoAULsE_OD4-Qo-5zsweuF-MiHpaUyvWwEI HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 261
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAamO8svk7Qk-DFq672Jwl8&google_cver=1
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEPC7UY_-YjBNPluK3NYncXE&google_cver=1
Request Chain 287
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPlqDtvL9QZlhOvb5HnJRFI&google_cver=1&google_push=AXcoOmTOxogODmYTOm5lqg_ancRHJ7edWC-1O14PuBaSxcfyMEordx44E8AXsJaGlc_ku7EKC2WSdq-OmS0mhq5eqzIn0-S6dCYZpQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dXU1VE9hcWUxUVFwcnQ1&google_gid=CAESEPlqDtvL9QZlhOvb5HnJRFI&google_cver=1&google_push=AXcoOmTOxogODmYTOm5lqg_ancRHJ7edWC-1O14PuBaSxcfyMEordx44E8AXsJaGlc_ku7EKC2WSdq-OmS0mhq5eqzIn0-S6dCYZpQ
Request Chain 288
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFbzWCMIqe52-3lNrE3lQxU&google_cver=1&google_push=AXcoOmReMUZq9EIa2bXOrDh9WTQMzS7BHYC5nas7C6yxUkL800G5w02dUAlODYsywn6SiQF7Yn-uE2Ea_roUoMI9G5K5ajlRkhIF&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmReMUZq9EIa2bXOrDh9WTQMzS7BHYC5nas7C6yxUkL800G5w02dUAlODYsywn6SiQF7Yn-uE2Ea_roUoMI9G5K5ajlRkhIF%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFbzWCMIqe52-3lNrE3lQxU&google_cver=1&google_push=AXcoOmReMUZq9EIa2bXOrDh9WTQMzS7BHYC5nas7C6yxUkL800G5w02dUAlODYsywn6SiQF7Yn-uE2Ea_roUoMI9G5K5ajlRkhIF&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmReMUZq9EIa2bXOrDh9WTQMzS7BHYC5nas7C6yxUkL800G5w02dUAlODYsywn6SiQF7Yn-uE2Ea_roUoMI9G5K5ajlRkhIF%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 289
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAuzy5GN6Q5yC_sr_ghaELg&google_cver=1&google_push=AXcoOmRP1Cdp2THI5Ly3nJl-yymRg8Iyc5-uwYVXOSpIIigPgrfMC2vwK7mp9xPEY0owkkyQl92dp98Ve6hzBLjveWNtdoU1JlNkjQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEzOTc0NTUwNzM5MzQyMjQ3NQ&google_push=AXcoOmRP1Cdp2THI5Ly3nJl-yymRg8Iyc5-uwYVXOSpIIigPgrfMC2vwK7mp9xPEY0owkkyQl92dp98Ve6hzBLjveWNtdoU1JlNkjQ
Request Chain 291
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEO-Ktk4ZBQv3HWdTum9N8zU&google_cver=1&google_push=AXcoOmTrqtbN0BXv82GMFoWeeQ6S4PMYjz5FC0WsmA4iVLeK_tDb4HioL5KpHYX_AEXIH9ZIE5bh5PekfvJ5Y2_9S08WB7RsOVmORA HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEO-Ktk4ZBQv3HWdTum9N8zU&google_cver=1&google_push=AXcoOmTrqtbN0BXv82GMFoWeeQ6S4PMYjz5FC0WsmA4iVLeK_tDb4HioL5KpHYX_AEXIH9ZIE5bh5PekfvJ5Y2_9S08WB7RsOVmORA&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTrqtbN0BXv82GMFoWeeQ6S4PMYjz5FC0WsmA4iVLeK_tDb4HioL5KpHYX_AEXIH9ZIE5bh5PekfvJ5Y2_9S08WB7RsOVmORA&google_hm=Hd0TqGZHZYxid7qHSH-RIbwY
Request Chain 292
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEA_heDCuxIWROgcx_Y_kOrY&google_cver=1&google_push=AXcoOmQOx393Qt32XZX6WaMm0nJ3ecZevNrAE0rtcJqstjaq54nWnnv3bNDEG7D9sF26fznEOetVtNqRO3WCV8JM-P6L1RMN4CuC0xM HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=c01a8213-3375-4220-b2db-f6c6ed8cbdec&google_cver=1&google_gid=CAESEA_heDCuxIWROgcx_Y_kOrY&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQOx393Qt32XZX6WaMm0nJ3ecZevNrAE0rtcJqstjaq54nWnnv3bNDEG7D9sF26fznEOetVtNqRO3WCV8JM-P6L1RMN4CuC0xM&gdpr=${GDPR}
Request Chain 299
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidbQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23REoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CN2-g5eA7YEDFT3jEQgdQUQIQw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidbQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23REoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidbQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23REoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidbQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23REoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023101104592789569766385X120211V1226132702MSviewoneidbQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23REoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023101104592789569766385X120211V1226132702MSviewoneidbQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23REoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=120211&partnerid=12218
Request Chain 333
  • https://fw.adsafeprotected.com/rfw/st/1291251/67826871/4.js?ias_dspID=3&ias_campId=1010179150&ias_pubId=pub-7968146525597976&ias_chanId=1&ias_placementId=19226434042&bidurl=https://dacota.tw/blog/post/antdownload-2&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jKZwOQqxL2mQ2u0qhX_psi&adContainerId=brand_safety_jQ8mZbaeNNjCx_AP5dKDmA4&cbFunctionName=goog_wrapCb_jQ8mZbaeNNjCx_AP5dKDmA4&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fdacota.tw&adsafe_type=y&adsafe_url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&adsafe_type=e&adsafe_url=https%3A%2F%2F88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e3b0a2d4-5799-3433-78a0-37ac6b6a10b7,c:qHJ1rq,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-v5ml8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tSlknTK+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b11%7C1b12%7C1b2%7C1c*.1291251-67826871%7C1c1%7C1c2%7C1c3%7C1c4%7C1d,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:37,oid:300c5b13-67e2-11ee-b5ac-2ee7995e8325,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_jQ8mZbaeNNjCx_AP5dKDmA4&cbFunctionName=goog_wrapCb_jQ8mZbaeNNjCx_AP5dKDmA4&true_pb=
Request Chain 351
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 363
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOJ4LqmltFSLPChHe-uxV80&google_cver=1&google_push=AXcoOmSd4l5KWG9D_eZ0f44h5FJvtblVJHomsJRTyGLQ6MDbYs7uWPh2HZDIlIS37ngwimZaPgLbmjG-3Khn4s59UwwbboRYSvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzA1ODQzNDM5NTczNTczNjMwMg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOJ4LqmltFSLPChHe-uxV80&google_cver=1
Request Chain 367
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ7-3e2DRdwGIXAiKdzD8vQCn3Xn15B4NjqWOOna-un98GmFBM-qMmYv-XJuTbHI0ksFHGsLfDQOD8_WugaFCfYjR-lo_w&google_gid=CAESEOJDHNb2KXcBshEje7DJ2GA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-dVwyAasaLT_ndxHHUMBKrYEN1U0xXhB64U79Ng&google_push=AXcoOmQ7-3e2DRdwGIXAiKdzD8vQCn3Xn15B4NjqWOOna-un98GmFBM-qMmYv-XJuTbHI0ksFHGsLfDQOD8_WugaFCfYjR-lo_w
Request Chain 368
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDTH9AwyIfpd1k7NVtA29Ig&google_cver=1&google_push=AXcoOmS_mRQdSsWwNt5JXoZZc9YL0joxokZvnxqMuHz1X1u8K4LnDVaxbcAGdh0NAAJlrS8xoInHAnggzUAIgQwIvo3UzOL-6Juk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5MNVdaWk0tSS0yMDJS&google_push=AXcoOmS_mRQdSsWwNt5JXoZZc9YL0joxokZvnxqMuHz1X1u8K4LnDVaxbcAGdh0NAAJlrS8xoInHAnggzUAIgQwIvo3UzOL-6Juk

419 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request antdownload-2
dacota.tw/blog/post/ 		91 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
d8b91f29e3aad266c0693a9e03db431f82db879055e6f0aa3102f6bc340221d5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
22046
content-type
text/html; charset=UTF-8
date
Wed, 11 Oct 2023 02:59:19 GMT
etag
"701324-1696965460;br"
link
<https://dacota.tw/wp-json/>; rel="https://api.w.org/" <https://dacota.tw/wp-json/wp/v2/posts/136611>; rel="alternate"; type="application/json" <https://dacota.tw/?p=136611>; rel=shortlink
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache
hit
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4021545012034144
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44b61c4001561290878374ccaeb83fc4ca25080eeea8fde71b4f5333de0acecd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dacota.tw/
Origin
https://dacota.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51302
x-xss-protection
0
server
cafe
etag
6167266680174466048
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:59:20 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4568956469357837
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c9324f9965f91e798edc284dc39c5626a367a18c69edf7715d57d3b23a41fa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dacota.tw/
Origin
https://dacota.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50848
x-xss-protection
0
server
cafe
etag
13838599439263766397
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:59:20 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3801907256397861
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb41091236033c7dde257a2f967d8a8fff42a6216cb640d98548016e7be4a015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dacota.tw/
Origin
https://dacota.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51209
x-xss-protection
0
server
cafe
etag
5817932179086683279
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:59:21 GMT
au.js
a.breaktime.com.tw/js/ 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.breaktime.com.tw/js/au.js?spj=CEBU718
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1fe73b5cbe63fba9da27a2870372c6733ddd2e78e5fe556bb4b37dca6891311f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
last-modified
Tue, 20 Jun 2023 01:51:40 GMT
vary
Accept-Encoding
x-azure-ref
20231011T025921Z-7ub45k8d953m577708qtm2fs8400000004u0000000007bvk
content-type
text/javascript
x-ms-request-id
5a1cc5c4-d01e-0048-149f-f7bfd6000000
cache-control
public, max-age=1800
x-cache
TCP_HIT
x-ms-version
2009-09-19
style.css
dacota.tw/wp-content/themes/foodiepro-v420/ 		39 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-content/themes/foodiepro-v420/style.css?ver=4.2.0
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
144ace469f26fc506471e904f48683767bee4669da12248d1fb12a3d0c236e83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:20 GMT
content-encoding
br
last-modified
Fri, 10 Jan 2020 02:41:46 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7941
expires
Wed, 18 Oct 2023 02:59:20 GMT
style.min.css
dacota.tw/wp-includes/css/dist/block-library/ 		95 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:20 GMT
content-encoding
br
last-modified
Thu, 30 Mar 2023 23:26:59 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11775
expires
Wed, 18 Oct 2023 02:59:20 GMT
view.css
dacota.tw/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/ 		602 B
258 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=34ae973733627b74a14e
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:20 GMT
content-encoding
br
last-modified
Tue, 29 Aug 2023 08:38:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
203
expires
Wed, 18 Oct 2023 02:59:20 GMT
mediaelementplayer-legacy.min.css
dacota.tw/wp-includes/js/mediaelement/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:20 GMT
content-encoding
br
last-modified
Thu, 13 May 2021 02:52:51 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2394
expires
Wed, 18 Oct 2023 02:59:20 GMT
wp-mediaelement.min.css
dacota.tw/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.2.2
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:20 GMT
content-encoding
br
last-modified
Fri, 13 Dec 2019 10:15:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
982
expires
Wed, 18 Oct 2023 02:59:20 GMT
classic-themes.min.css
dacota.tw/wp-includes/css/ 		291 B
197 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:20 GMT
content-encoding
br
last-modified
Thu, 30 Mar 2023 23:26:59 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
164
expires
Wed, 18 Oct 2023 02:59:20 GMT
front.min.css
dacota.tw/wp-content/plugins/image-sizes/assets/css/ 		126 B
179 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-content/plugins/image-sizes/assets/css/front.min.css?ver=4.1
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
bc3fa17b0c4f879f13a223996f66eb9fad7c84385b2967e3781a3680a6e6a811

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:20 GMT
last-modified
Tue, 29 Aug 2023 08:38:58 GMT
server
LiteSpeed
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
126
expires
Wed, 18 Oct 2023 02:59:20 GMT
dashicons.min.css
dacota.tw/wp-includes/css/ 		58 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-includes/css/dashicons.min.css?ver=6.2.2
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:20 GMT
content-encoding
br
last-modified
Thu, 13 May 2021 02:52:51 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
35110
expires
Wed, 18 Oct 2023 02:59:20 GMT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli%3Aregular%2Citalic%2C300%2C300italic%7CKarla%3Aregular%2Citalic%2C700%2C700italic%26subset%3Dlatin%2C&ver=4.2.0
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f41cba07383b199fff803ed499ebabde789484602a2ba008152a0828335e286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 11 Oct 2023 02:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 02:59:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 Oct 2023 02:59:20 GMT
default.css
dacota.tw/wp-content/plugins/tablepress/css/build/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-content/plugins/tablepress/css/build/default.css?ver=2.1.7
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
8c10bfd761676feda6e280e0d31794b1a8d21279f437ddb817a708d6fe0b72db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:20 GMT
content-encoding
br
last-modified
Tue, 29 Aug 2023 08:38:57 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2206
expires
Wed, 18 Oct 2023 02:59:20 GMT
jetpack.css
dacota.tw/wp-content/plugins/jetpack/css/ 		98 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-content/plugins/jetpack/css/jetpack.css?ver=12.5
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
b819dcb40958b1ef2e74f72fa5ba96f9370c421b31ecccabf7683f24372b80a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:20 GMT
content-encoding
br
last-modified
Tue, 29 Aug 2023 08:38:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
17275
expires
Wed, 18 Oct 2023 02:59:20 GMT
wp-dtree.min.css
dacota.tw/wp-content/plugins/wp-dtree-30/ 		443 B
209 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-content/plugins/wp-dtree-30/wp-dtree.min.css?ver=4.4.5
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
15c0cca5a6be3aab16397f9794bd3764e52f3c830db64abf7b461e35c19111ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:20 GMT
content-encoding
br
last-modified
Fri, 18 Dec 2020 04:02:43 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
153
expires
Wed, 18 Oct 2023 02:59:20 GMT
jquery.min.js
dacota.tw/wp-includes/js/jquery/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:20 GMT
content-encoding
br
last-modified
Thu, 30 Mar 2023 23:26:59 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
30376
expires
Wed, 18 Oct 2023 02:59:20 GMT
jquery-migrate.min.js
dacota.tw/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:20 GMT
content-encoding
br
last-modified
Thu, 30 Mar 2023 23:26:59 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4603
expires
Wed, 18 Oct 2023 02:59:20 GMT
wp-dtree.min.js
dacota.tw/wp-content/plugins/wp-dtree-30/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-content/plugins/wp-dtree-30/wp-dtree.min.js?ver=4.4.5
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
ecc725d0c3d56d6d64dabdc77c38a5935ee2bc06a58f5b4135a970659523b2c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:20 GMT
content-encoding
br
last-modified
Fri, 18 Dec 2020 04:02:43 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2364
expires
Wed, 18 Oct 2023 02:59:20 GMT
js
www.googletagmanager.com/gtag/ 		272 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-J4GY2HPNY1
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4fe5f1b7dd077dba33e2ae25d8ee9826381c385637b3b70f8d27890a79f7bea5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93066
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 11 Oct 2023 02:59:21 GMT
client-code.js
embedr.flickr.com/assets/ 		642 B
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embedr.flickr.com/assets/client-code.js
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.188.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-188-253.compute-1.amazonaws.com
Software
/
Resource Hash
4be697ac695f2c11c2a9ab7075cfa7ca9cf2723baf62cfe8c913a3bb2ca56917
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
x-content-type-options
nosniff
etag
W/"282-79d207e6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
content-length
642
x-xss-protection
1; mode=block
x-request-id
c0c26b7255f339b1
1497882566-31f73f4f6cf1737654e1421671ab0959.png
img.dacota.tw/2017/06/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dacota.tw/2017/06/1497882566-31f73f4f6cf1737654e1421671ab0959.png
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2a081fcbff0e8fd68f8b67038c324dfa967d84f5384b8599acd28df7cbe3c01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
cf-cache-status
HIT
last-modified
Sun, 02 Jan 2022 06:14:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
12688
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BIBkqhUztydwCJjIyHPDFSog7BbrHobIjeTZRf1LzzAVF6APCd6HLw1SPdRtZOhE0LOgxADmZgPrfzIF0DhQ0GFgmCd%2BPCI%2BW70PZYbprKuTwsSvbbekev5H1xS36i7AZghjer8W0xrf9cm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8143d8bc5f4e6904-FRA
alt-svc
h3=":443"; ma=86400
content-length
31046
expires
Mon, 16 Oct 2023 13:29:52 GMT
1675416809-f036c2a7d641e6e28c53b2bd4821cfe0.jpg
img.dacota.tw/2023/02/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dacota.tw/2023/02/1675416809-f036c2a7d641e6e28c53b2bd4821cfe0.jpg
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
996f6c7cb4dac528486d158a98a4dc56cd07fad4605a80495ec96c3bf7a8031c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Feb 2023 09:33:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bo%2FLuH7INfArCrNVPxlalf0uRDUzeLWHYRctRQiK27uzpAZHg4N0mF7GnPHicgR9KIw2BdzBwuYmh2VeH3WfbO%2BB86vaAVeJjDF5aeO5qHLOvFi4lEH8Ylcc%2BXqzdjRdUGues6gi5xEf09qv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8143d8bc5f4c6904-FRA
alt-svc
h3=":443"; ma=86400
content-length
99360
expires
Mon, 16 Oct 2023 14:59:35 GMT
1514436936-b8da5b8fb8c638ed86e875cc9df135ef.png
img.dacota.tw/2017/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dacota.tw/2017/12/1514436936-b8da5b8fb8c638ed86e875cc9df135ef.png
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f90f8ac8505852baa5300c6521af0653d4e93c42eebff7e18331c3e4b058a18
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2696
last-modified
Wed, 27 Jun 2018 09:55:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myr58ObrML77JxR0JWgHkKfLhPtIOQ9rTLjcpYRvLD7CGicMWjVLRDV7%2F7LQcJCpdJ0QMXHE8LBWZRryX20YYMeMv2K%2FPz3w4xL2tES8L%2FY8ndgQ0u4pg8qG61IZ3BbTkeZJNsVOSs8Z0BSb"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8143d8bc5f4f6904-FRA
expires
Tue, 10 Oct 2023 14:47:26 GMT
1527182717-efe7ba524df3cc3bb5e6da601e97b991-1024x447.jpg
images.zi.org.tw/dacota/2016/12/25012518/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.zi.org.tw/dacota/2016/12/25012518/1527182717-efe7ba524df3cc3bb5e6da601e97b991-1024x447.jpg
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
HTTP/1.0
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.253 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
lb-182-253.above.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
1566225440-ef627fe4c514866bbcbfaa84d9f4fc1e.jpg
img.dacota.tw/2019/08/ 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dacota.tw/2019/08/1566225440-ef627fe4c514866bbcbfaa84d9f4fc1e.jpg
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76c514207316d89e510e7895fe4c9a29dd1414d1a0b6f0c49f9eff428d7c0c90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
cf-cache-status
HIT
last-modified
Sun, 02 Jan 2022 03:10:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29549
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBIc%2BRvlA%2BkqnFMkDGW0ACubhyZ9Y0vpc0HPbNod%2Fnjlea5g9029b1uahoS50XIwmsSBHRDpf28LGECcvoR1lwdbZdXjeb0QPG75EU%2FNxyr2w9E5NIuBgEjdklHMBoC2v6hg49QQrg4i8FH3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8143d8bc5f506904-FRA
alt-svc
h3=":443"; ma=86400
content-length
99317
expires
Sat, 23 Sep 2023 00:53:04 GMT
embed.js
s.imgur.com/min/ 		433 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.imgur.com/min/embed.js
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2832c93ada0b6b4cecfc1cb12191921dcdd570fc5fcc54f7a5da359df716a061

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230130-FRA
date
Wed, 11 Oct 2023 02:59:21 GMT
via
1.1 varnish
last-modified
Thu, 05 Oct 2023 19:01:35 GMT
age
96
x-timer
S1696993162.566895,VS0,VE0
etag
"35a7c25618062b8160cabdc53e2f03a1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
433
x-cache-hits
2
gpt.js
www.googletagservices.com/tag/js/ 		99 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22f73d221b180dff232c3000e00aa84dd9155cd7abb69d07c4a0abac2707c190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29969
x-xss-protection
0
server
cafe
etag
425 / 19641 / 31078709 / config-hash: 1567846903150672402
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:59:21 GMT
listener.js
dacota.tw/safety/ 		1 KB
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/safety/listener.js
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
3204abe3e48b3acefee070cb6e5717087e56b8cd9b3a83f6734010715bac0186

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
last-modified
Thu, 24 Aug 2017 06:38:35 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
636
expires
Wed, 18 Oct 2023 02:59:21 GMT
postviews.js
dacota.tw/wp-content/plugins/wp-mop-analytics/js/ 		422 B
270 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-content/plugins/wp-mop-analytics/js/postviews.js?ver=6.2.2
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
a8981b430d4c419eb8e514265cc5f41b20c521a2b44dfc8723fcc78aa4745976

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
last-modified
Wed, 21 Jun 2017 02:43:50 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
215
expires
Wed, 18 Oct 2023 02:59:21 GMT
comment-reply.min.js
dacota.tw/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-includes/js/comment-reply.min.js?ver=6.2.2
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
last-modified
Thu, 09 Jun 2022 05:23:31 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1228
expires
Wed, 18 Oct 2023 02:59:21 GMT
skip-links.min.js
dacota.tw/wp-content/themes/genesis/lib/js/ 		386 B
244 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.2.1
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
last-modified
Fri, 10 Jan 2020 02:08:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
188
expires
Wed, 18 Oct 2023 02:59:21 GMT
general.js
dacota.tw/wp-content/themes/foodiepro-v420/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-content/themes/foodiepro-v420/js/general.js?ver=4.2.0
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
4588cb513cac3531119371b3bc4167c41d95f0ba445ebbe33587b4fed43216bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
last-modified
Fri, 10 Jan 2020 02:41:46 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1807
expires
Wed, 18 Oct 2023 02:59:21 GMT
e-202341.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202341.js
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684464982353.1523
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 07 Oct 2024 04:00:42 GMT
akismet-frontend.js
dacota.tw/wp-content/plugins/akismet/_inc/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1690055384
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
last-modified
Sat, 22 Jul 2023 19:49:44 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2819
expires
Wed, 18 Oct 2023 02:59:21 GMT
gtm.js
www.googletagmanager.com/ 		133 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WH43B72
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cdd58f9281ebc41fa9abfa923a70ae672ffb8d476e3661c023f7d3c1db0b3971
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52168
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 00:14:27 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Oct 2023 02:59:21 GMT
wp-emoji-release.min.js
dacota.tw/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dacota.tw/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
last-modified
Thu, 30 Mar 2023 23:26:59 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4651
expires
Wed, 18 Oct 2023 02:59:21 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 		389 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4021545012034144&plah=dacota.tw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4021545012034144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0be0681a69edf14fc0b6ad56490cd060ce459c88fe603e173266536dc9a4ab99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135181
x-xss-protection
0
server
cafe
etag
2422554488999973379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:59:21 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 1232 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4021545012034144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dacota.tw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57523
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 11:00:37 GMT
etag
2603938475786422795
expires
Tue, 24 Oct 2023 11:00:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gtm.js
www.googletagmanager.com/ 		204 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WK2K6KX
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
787c8227df99ebd7d0fa44445d76a2e014682de70fb01d7daa02cc445cca52b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75361
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 00:14:27 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Oct 2023 02:59:21 GMT
au.js
a.breaktime.com.tw/js/ 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.breaktime.com.tw/js/au.js?spj=CEBU718
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1fe73b5cbe63fba9da27a2870372c6733ddd2e78e5fe556bb4b37dca6891311f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
last-modified
Tue, 20 Jun 2023 01:51:40 GMT
vary
Accept-Encoding
x-azure-ref
20231011T025921Z-7ub45k8d953m577708qtm2fs8400000004u0000000007bvm
content-type
text/javascript
x-ms-request-id
5a1cc5c4-d01e-0048-149f-f7bfd6000000
cache-control
public, max-age=1800
x-cache
TCP_HIT
x-ms-version
2009-09-19
plus.gif
dacota.tw/wp-content/plugins/wp-dtree-30/dtree-img/ 		79 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dacota.tw/wp-content/plugins/wp-dtree-30/dtree-img/plus.gif
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
8b4a7453818bcc399e0d44292cf622222068caccd7b7053b572e1cbcca0fc790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
last-modified
Fri, 18 Dec 2020 04:02:43 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
79
expires
Wed, 18 Oct 2023 02:59:21 GMT
line.gif
dacota.tw/wp-content/plugins/wp-dtree-30/dtree-img/ 		66 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dacota.tw/wp-content/plugins/wp-dtree-30/dtree-img/line.gif
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
8b7d4285aaa45035e807805878f325b5bb4aecbed42be67235a3580a787cc536

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
last-modified
Fri, 18 Dec 2020 04:02:43 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
66
expires
Wed, 18 Oct 2023 02:59:21 GMT
join.gif
dacota.tw/wp-content/plugins/wp-dtree-30/dtree-img/ 		69 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dacota.tw/wp-content/plugins/wp-dtree-30/dtree-img/join.gif
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
ed0b3ec99c5214303ac40914db05ff0280bb4134c64c95ef3812f79d071e95fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
last-modified
Fri, 18 Dec 2020 04:02:43 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
69
expires
Wed, 18 Oct 2023 02:59:21 GMT
joinbottom.gif
dacota.tw/wp-content/plugins/wp-dtree-30/dtree-img/ 		66 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dacota.tw/wp-content/plugins/wp-dtree-30/dtree-img/joinbottom.gif
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
ea98634e2b4516f30d9e1fec06fb88732d0d7e475a5dd03a79fcf93f119cae67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
last-modified
Fri, 18 Dec 2020 04:02:43 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
66
expires
Wed, 18 Oct 2023 02:59:21 GMT
plusbottom.gif
dacota.tw/wp-content/plugins/wp-dtree-30/dtree-img/ 		78 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dacota.tw/wp-content/plugins/wp-dtree-30/dtree-img/plusbottom.gif
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
ec2fdad621bb30d4a9be0ef7759a40840c0e90fe9aa89b51248982d4662070e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
last-modified
Fri, 18 Dec 2020 04:02:43 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
78
expires
Wed, 18 Oct 2023 02:59:21 GMT
empty.gif
dacota.tw/wp-content/plugins/wp-dtree-30/dtree-img/ 		62 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dacota.tw/wp-content/plugins/wp-dtree-30/dtree-img/empty.gif
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
152c84e46b3466b723a4cb9bacbbce881a1fd9af042dfa716eaf02df28d6ad7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
last-modified
Fri, 18 Dec 2020 04:02:43 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
62
expires
Wed, 18 Oct 2023 02:59:21 GMT
search.svg
dacota.tw/wp-content/themes/foodiepro-v420/images/ 		2 KB
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dacota.tw/wp-content/themes/foodiepro-v420/images/search.svg
Requested by
Host: dacota.tw
URL: https://dacota.tw/wp-content/themes/foodiepro-v420/style.css?ver=4.2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.153.177.11 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS
103-153-177-11.as131657.net
Software
LiteSpeed /
Resource Hash
b1997dab216a1ae3a6865fed352a6e580a0b7d87963556fed51daed631f6dcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/wp-content/themes/foodiepro-v420/style.css?ver=4.2.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
last-modified
Fri, 10 Jan 2020 02:41:46 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
723
expires
Wed, 18 Oct 2023 02:59:21 GMT
qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
fonts.gstatic.com/s/karla/v31/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v31/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli%3Aregular%2Citalic%2C300%2C300italic%7CKarla%3Aregular%2Citalic%2C700%2C700italic%26subset%3Dlatin%2C&ver=4.2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef71f07257bf7ab1ff3b76ac3c0fa25b8686bbb26c5617c570c7528e337e48d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dacota.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 16:45:56 GMT
x-content-type-options
nosniff
age
555205
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24364
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 15:41:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Oct 2024 16:45:56 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli%3Aregular%2Citalic%2C300%2C300italic%7CKarla%3Aregular%2Citalic%2C700%2C700italic%26subset%3Dlatin%2C&ver=4.2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dacota.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 18:36:56 GMT
x-content-type-options
nosniff
age
462145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32796
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:41:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 18:36:56 GMT
1675416357-e42cafd9b62f1c7b5a5184fc3b6826df.png
img.dacota.tw/2023/02/ 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dacota.tw/2023/02/1675416357-e42cafd9b62f1c7b5a5184fc3b6826df.png
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04f14fa3b7d28a834a50d60c4d37a89e313178dc243f7edea39feefc38c93467

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Feb 2023 09:25:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JG%2FRJv86Foa%2BmST4j0wAEXVj7rhyzHuDgGqcZh27q7%2FvOXF%2F3sM15PiVWiplxK2wMo4Bw8PnPmdGXsyrpdP1CcPny4pOvi56mFrag%2BvIWJvsp0GUTQfRzEdUN3BUOdUpwoXUU0eXGorzI0qO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8143d8bc9f6a6904-FRA
alt-svc
h3=":443"; ma=86400
content-length
133014
expires
Tue, 17 Oct 2023 05:08:56 GMT
1675416353-cd718ec12a8eb39e427ac6052afd260f.jpg
img.dacota.tw/2023/02/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dacota.tw/2023/02/1675416353-cd718ec12a8eb39e427ac6052afd260f.jpg
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e03a5cafab847cd0202a814a45701841ecc61e2375c2ae9ba03a60ef6f7ebc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Feb 2023 09:25:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1%2Fa3nNVDE%2BiBL1nGRLc21LgfgkpejQT%2FjEB%2Bgkqjnf2DMaLFJQSylg1ekxnONliIEHnKTa9bvbPnkfGMZJzzSrvJW%2FkyNe04va3LiQmy9RpwAeWK3ZyU2nSaCBIHLjnYAgi4nV3Zvoj3kZo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8143d8bc9f696904-FRA
alt-svc
h3=":443"; ma=86400
content-length
64653
expires
Tue, 17 Oct 2023 17:20:40 GMT
1675416355-fc5f4a1d126fbebcb802caac6a6812b5.jpg
img.dacota.tw/2023/02/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dacota.tw/2023/02/1675416355-fc5f4a1d126fbebcb802caac6a6812b5.jpg
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd6386792879a0998319225cd9dbf4b59030c53321ef8a39866fc15877807c78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Feb 2023 09:25:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1%2F9ESn7K7cY0TShlxGjxLf6rUf09DXcD7Oavfg5B7SIsg%2F4afIVTF8hAhSfQDfXp2S8mcUEp1SG6FeIcEmjqVvxTVkHc2aQwEIHteYy%2B4asKEYx2aCuAzv41rYVdIk6QcDyfDrCu3Ssarfq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8143d8bc9f6b6904-FRA
alt-svc
h3=":443"; ma=86400
content-length
92555
expires
Tue, 17 Oct 2023 02:02:09 GMT
1685257133-d5a36da11852c83b6ceaf64d572ff8f4-150x150.jpg
img.dacota.tw/2023/05/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dacota.tw/2023/05/1685257133-d5a36da11852c83b6ceaf64d572ff8f4-150x150.jpg
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bb09a13895c483c408f34af2d161559c9e0a8a4453e2804454f93ec424b098f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
cf-cache-status
HIT
last-modified
Tue, 30 May 2023 09:49:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXcxCkj6BIHCBkiuTyFSkllNFJyF7%2BAVdmiN7hz6GvxH6lSHi%2B7Z3tCxo53P9ohWceYOLT54A4T00kKeaU9K%2FiroUkAqXCH8zs1uG18BYxsWO9qdAqUJdOzX%2BKLAxN0jwfyV8jiMvqkOPYUF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8143d8bc5f496904-FRA
alt-svc
h3=":443"; ma=86400
content-length
3542
expires
Sat, 07 Oct 2023 18:25:16 GMT
1696959580-eb7880982000fcb449ec7556258a142d-150x150.jpeg
img.dacota.tw/2023/10/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dacota.tw/2023/10/1696959580-eb7880982000fcb449ec7556258a142d-150x150.jpeg
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f766b9ebebf08bdba89b26a9f3c5386aac7a4ed18602c328ce2a38181b731944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Oct 2023 17:39:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BjLOaEmsOdBsjKtwv43qTQjeNnkQIopjs68h9cwwataiQVFLUBtNommKUkkE8x5XDs%2FshcZQBHg3J4B%2BTs07PUKMc%2FJ1UEvIZR5VYOFeHgpvceIl6Cpz%2B%2BkngNnDuOSBbgsLBrHE8Iov%2FOO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8143d8bc5f4a6904-FRA
alt-svc
h3=":443"; ma=86400
content-length
4363
expires
Tue, 17 Oct 2023 17:47:28 GMT
1696527717-32fb719b60068011364b7ba182dcc7ab-150x150.jpg
img.dacota.tw/2023/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dacota.tw/2023/10/1696527717-32fb719b60068011364b7ba182dcc7ab-150x150.jpg
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d57351aee9eb779abfc1ae494d338ca3cd0282d1a76357802e91ebbbbeb1622

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 17:41:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5y8%2B51%2FBIVtAxofLur7CWLaQEWilEKOCZZhnJ1EO4PSHWgD7y8tRZviqhL44cNBeBZzZYmnZgWUUToF14DdiGwnwWmeJEQ0MwgO8I5epj76NU4zV%2BZ0pb0kprynMgTLqxKSFGPrfXEIRFHDG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8143d8bc5f486904-FRA
alt-svc
h3=":443"; ma=86400
content-length
4113
expires
Thu, 12 Oct 2023 17:43:01 GMT
1696411969-e1f510376efb20dbc47110a5f616f02d-150x150.jpg
img.dacota.tw/2023/10/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dacota.tw/2023/10/1696411969-e1f510376efb20dbc47110a5f616f02d-150x150.jpg
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7d9403b2b4f177a0bb430759af877306cc4321709c556916fe05afa4285cf02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Oct 2023 09:32:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYxEi7k4o9m0hJsoJRnaPx5fTnwbAIHEVt415rBy8vS6T34cY2s2s8sA6JC0cXR2vPMAan%2FEQxv1wNdTVBg7ijkc6WtWzukQP00CdNPLy4TldVgAXqL3rIzfowmNsOXphvH1MV%2FGJF27gosc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8143d8bc5f4b6904-FRA
alt-svc
h3=":443"; ma=86400
content-length
5063
expires
Wed, 11 Oct 2023 09:33:06 GMT
1696406569-8b69589807674f197adee6b1b2c00d3a-150x150.jpg
img.dacota.tw/2023/10/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dacota.tw/2023/10/1696406569-8b69589807674f197adee6b1b2c00d3a-150x150.jpg
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9835893dc15ca073d36de03d3f92d7d4d195e14e0db2126831a16bc280b6adb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Oct 2023 08:04:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KB4l%2Bd%2BolZV0BIpLclqQ6nrdjh7WVEcRyiHg2JLq2OF5UqClss%2B5BpjbpdZa4plAXKftNMsGjw5kWunjL%2BMB4x6Nyo6vJF%2BUb3ZnXKoB9Xqd5aXx32ARbEUE%2BhhQ47UnOyU%2FKNxmvp4RDSl%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8143d8bc9f6c6904-FRA
alt-svc
h3=":443"; ma=86400
content-length
5573
expires
Wed, 11 Oct 2023 08:04:32 GMT
1696364236-c291c87ce2fab843687ef1368820b874-150x150.jpg
img.dacota.tw/2023/10/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dacota.tw/2023/10/1696364236-c291c87ce2fab843687ef1368820b874-150x150.jpg
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
614b7ec13a90ba6d042e66e99e31d44d8e81dd4d3a9338debfca5bf500405b91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
cf-cache-status
HIT
last-modified
Tue, 03 Oct 2023 20:17:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3hqE%2B1luF9waCPgCZ8uX%2B5fcvVRN%2F8DMzp3Uoo2qygIfL7xCz3I6%2BshpoSSKTa4jo8LbRviSvT%2BqYUMQoDPHXjBL%2FAoipG03G7JoiPw2HgYBNda3nsu4SKcmfNO6sfYWb9K4O7gMqoe4wRj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8143d8bc9f6d6904-FRA
alt-svc
h3=":443"; ma=86400
content-length
8497
expires
Tue, 10 Oct 2023 20:32:02 GMT
plugin.min.js
static.dable.io/dist/ 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dable.io/dist/plugin.min.js
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.93.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-93-220.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
5dc0faa40873de0c227c9ebcf37429e5eec4add10121b293646f6fee649f147f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
oapFgKVIDD06AONsJ6rddLs.uwOor4JE
content-encoding
gzip
date
Wed, 11 Oct 2023 02:59:21 GMT
last-modified
Wed, 11 Oct 2023 01:23:05 GMT
server
nginx/1.20.0
x-amz-request-id
MTVRCQFSJD6FDAFX
etag
"b00a3df33b005f79d5c7a4c3acc91121"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=80647
accept-ranges
bytes
content-length
37595
x-amz-id-2
t7AJxqkXXpq8KbIx3ny7i1BQ8rB2lAVjn9m8mqtpjubf1h5+G5s3PL/iespcqjYw1oF+mmDQifE=
gpt.js
www.googletagservices.com/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6480b4b6e1450a4f658ed041953379743e973dff5c0bf14d727580131de56cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29970
x-xss-protection
0
server
cafe
etag
304 / 19641 / 31078700 / config-hash: 1567846903150672402
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:59:21 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 11 Oct 2023 01:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4179
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 11 Oct 2023 03:49:42 GMT
collect
region1.analytics.google.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-J4GY2HPNY1&gtm=45je3a90&_p=235679897&_gaz=1&cid=763117398.1696993162&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696993161&sct=1&seg=0&dl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&dt=2023%20%E5%8F%B0%E7%81%A3%E4%B8%8B%E8%BC%89%E7%99%BE%E5%BA%A6%E7%B6%B2%E7%9B%A4%EF%BC%8C%E5%85%8D%E8%B2%BB%E5%85%8D%E7%99%BB%E5%85%A5%E3%80%81%E9%82%84%E4%B8%8D%E9%99%90%E9%80%9F%E7%9A%84%E4%B8%8B%E8%BC%89%E5%B7%A5%E5%85%B7&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J4GY2HPNY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J4GY2HPNY1&cid=763117398.1696993162&gtm=45je3a90&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J4GY2HPNY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J4GY2HPNY1&cid=763117398.1696993162&gtm=45je3a90&aip=1&z=566419717
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		385 B
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=dacota.tw&callback=_gfp_s_&client=ca-pub-4021545012034144
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4021545012034144&plah=dacota.tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2199585449c4c0ba2cfc3b66c3db62a08abed774f62bb83fc2e3b9548e77385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
247
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6CBB 		0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&adk=1812271804&adf=3025194257&lmt=1696985961&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993160611&bpp=631&bdt=247&idt=1040&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7798919204589&frm=20&pv=2&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1144
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4021545012034144&plah=dacota.tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dacota.tw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:21 GMT
expires
Wed, 11 Oct 2023 02:59:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
g.gif
pixel.wp.com/ 		50 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=130853586&post=136611&tz=8&srv=dacota.tw&j=1%3A12.5&host=dacota.tw&ref=&fcp=2429&rand=0.31371748712067227
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 11 Oct 2023 02:59:22 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
embed-controller.js
s.imgur.com/min/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.imgur.com/min/embed-controller.js
Requested by
Host: s.imgur.com
URL: https://s.imgur.com/min/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d5630e6cb7cdcca363cf81a7eb4a09202835166a613c002a27fac54fa87ba50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230130-FRA
date
Wed, 11 Oct 2023 02:59:22 GMT
via
1.1 varnish
last-modified
Mon, 25 Sep 2023 14:16:30 GMT
age
84
x-timer
S1696993162.096120,VS0,VE0
etag
"9ed8fe2752ce22d6cdf0488bd3ad0802"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
2809
x-cache-hits
2
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/ 		420 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1bb2242604dca14ae8be8b2abe640fc33839a6640d9a72a2ce81ba86e01501f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 21:43:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
18934
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134754
x-xss-protection
0
server
cafe
etag
13173665549537858271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 09 Oct 2024 21:43:48 GMT
gl.js
power.adhacker.online/general/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://power.adhacker.online/general/gl.js?spj=CEBU718
Requested by
Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=CEBU718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47c16416da729fa31f12f29e7e1fe15979ffd5e62835a069976cd39558b4a189

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycds4wpKrOVpbS4xpgn8hSSvtB4C-CKXEJMtgTuH6PTAV6NnAZ0PfUm0F_8TSV6YX5pi7rkavmbrnu9RcFIuVeFUBMQ
x-goog-storage-class
REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
x-goog-meta-
last-modified
Tue, 08 Mar 2022 06:49:09 GMT
server
cloudflare
etag
W/"32b3e2f8bc858fef8667539f0d56bb03"
vary
Accept-Encoding
x-goog-generation
1646722149345795
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=S+qufA==, md5=MrPi+LyFj++GZ1OfDVa7Aw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=1200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSPsY6%2Bg%2B2USB1hwr3md%2Buv4zaPC9BwJ9wjHDegi8A0kJ4uQTiAq6008TwszylxW%2FwWbCT0L%2F6w%2B8se7Hd60raZibvDJjGmfaeBDgFX%2FDcB6necwnH5MhaAXRYL7IFEVsEhdjENQM7G2rdVC22GUyGHe4uk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
12217
cf-ray
8143d8c27c359bac-FRA
expires
Wed, 11 Oct 2023 03:19:22 GMT
/
alliance.breaktime.com.tw/api/check/service/CEBU718/dacota.tw/ 		112 B
392 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://alliance.breaktime.com.tw/api/check/service/CEBU718/dacota.tw/
Requested by
Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=CEBU718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.138.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.138.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b67973578b0b83ccc7c06974f461b0d8ba96b0cd87cc5d3eaa5e287649d483d6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
via
1.1 varnish (Varnish/5.0), 1.1 google
age
0
x-cache
Miss
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Language, Cookie
content-language
zh-hant
access-control-allow-origin
*
content-type
application/json
allow
GET, HEAD, OPTIONS
x-varnish
650494642
accept-ranges
bytes
x-cache-hits
0
embedr-loader.js
embedr.flickr.com/assets/ 		225 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embedr.flickr.com/assets/embedr-loader.js
Requested by
Host: embedr.flickr.com
URL: https://embedr.flickr.com/assets/client-code.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.188.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-188-253.compute-1.amazonaws.com
Software
/
Resource Hash
07517f91e27cc8d4d0dab9be8a59c1d24959d19abc0578a0d17224e487ea577f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
x-content-type-options
nosniff
etag
W/"e1-4431b6d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
content-length
225
x-xss-protection
1; mode=block
x-request-id
4bac931161439ce1
js
www.googletagmanager.com/gtag/ 		239 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QH5CZ9461Y&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WK2K6KX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ecdb8c3aacbd7e709e47d153f7e0c13dfedc5e27ac237028db0b8a4fe5cbc24b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85419
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 11 Oct 2023 02:59:22 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E866 		118 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&h=250&slotname=3949631173&adk=309144408&adf=1948988595&pi=t.ma~as.3949631173&w=300&lmt=1696985962&format=300x250&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993162310&bpp=3&bdt=1946&idt=3&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1063&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MWJnRO968m&p=https%3A//dacota.tw&dtd=43
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4021545012034144&plah=dacota.tw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d3b69e566e2cd5f765f8770eddf23898ef863c0a74475e084a13cbce24234a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dacota.tw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41433
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:24 GMT
expires
Wed, 11 Oct 2023 02:59:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		4 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=235679897&t=pageview&_s=1&dl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&ul=en-us&de=UTF-8&dt=2023%20%E5%8F%B0%E7%81%A3%E4%B8%8B%E8%BC%89%E7%99%BE%E5%BA%A6%E7%B6%B2%E7%9B%A4%EF%BC%8C%E5%85%8D%E8%B2%BB%E5%85%8D%E7%99%BB%E5%85%A5%E3%80%81%E9%82%84%E4%B8%8D%E9%99%90%E9%80%9F%E7%9A%84%E4%B8%8B%E8%BC%89%E5%B7%A5%E5%85%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=672407043&gjid=1397972373&cid=763117398.1696993162&tid=UA-36891062-4&_gid=841859131.1696993162&_r=1&_slc=1&z=331895022
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dacota.tw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=235679897&t=pageview&_s=1&dl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&ul=en-us&de=UTF-8&dt=2023%20%E5%8F%B0%E7%81%A3%E4%B8%8B%E8%BC%89%E7%99%BE%E5%BA%A6%E7%B6%B2%E7%9B%A4%EF%BC%8C%E5%85%8D%E8%B2%BB%E5%85%8D%E7%99%BB%E5%85%A5%E3%80%81%E9%82%84%E4%B8%8D%E9%99%90%E9%80%9F%E7%9A%84%E4%B8%8B%E8%BC%89%E5%B7%A5%E5%85%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=658182469&gjid=1988160108&cid=763117398.1696993162&tid=UA-106322328-7&_gid=841859131.1696993162&_r=1&_slc=1&gtm=45He3a90n81WH43B72&z=1605380281
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
30f8014de94e476123b4dbec0e08e89466fb692a6fcc99433488e74c43b19b79
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dacota.tw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=235679897&t=pageview&_s=1&dl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&ul=en-us&de=UTF-8&dt=2023%20%E5%8F%B0%E7%81%A3%E4%B8%8B%E8%BC%89%E7%99%BE%E5%BA%A6%E7%B6%B2%E7%9B%A4%EF%BC%8C%E5%85%8D%E8%B2%BB%E5%85%8D%E7%99%BB%E5%85%A5%E3%80%81%E9%82%84%E4%B8%8D%E9%99%90%E9%80%9F%E7%9A%84%E4%B8%8B%E8%BC%89%E5%B7%A5%E5%85%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=380479156&gjid=1833956296&cid=763117398.1696993162&tid=UA-223359337-1&_gid=841859131.1696993162&_r=1&_slc=1&gtm=45He3a90n81WK2K6KX&z=1443530371
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dacota.tw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
prefs2
api.dable.io/plugin/services/dacota.tw%2Fzimedia/ 		834 B
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dable.io/plugin/services/dacota.tw%2Fzimedia/prefs2?uid=&tcfapiSet=0&gdpr=0&callback=dbljson1
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.38.235.130 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-38-235-130.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6cb1a8100e9dc98d51a7f3a1c1e56c12a95b89dd83638194431cfaca4de7ba38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
nginx
etag
W/"342-SU/R1shCLuMDZDRnijBD2TDiKhM"
content-type
text/javascript; charset=utf-8
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-36891062-4&cid=763117398.1696993162&jid=672407043&gjid=1397972373&_gid=841859131.1696993162&_u=IADAAEAAAAAAACAAI~&z=1657155602
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dacota.tw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 11 Oct 2023 02:59:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30332
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLBnmTmwO%2Fy1wNpNKvadrtvRO9GqRL1vEQnldcxpvdCgdPha0F0JxzLpFLGZO6T7QTbNwupYMpfTFzr1TtvB2yl9gNZEn4X%2FdJbSvGdprYMzzQa6opGUGDwZq5nszfm0bmHu8BkeQz%2BBbQJrWKI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8143d8c2acc765ca-FRA
esp.js
cdn.id5-sync.com/api/1.0/ 		139 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
310de9600c8bb44cc93f7917cf8285ebd1ad24620773adf3f2df4e5e0db9dfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 10 Oct 2023 14:20:27 GMT
server
cloudflare
x-amz-request-id
JFCBWY6QXEYRW3T7
age
3492
etag
W/"88086289b3f2ebf319996b249365dbe2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8143d8c2af12bbad-FRA
x-amz-id-2
kkMZvzmOtmsIkKRNc3l+kzOSM+mf6exJL1OBUwa1WjJFaS2/0v6mGxOuwfUj3Qdpm8PqSPshdlY=
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 10:57:29 GMT
content-encoding
gzip
age
2131313
x-guploader-uploadid
ADPycdtmD1wiTrOpacBIYP9ssEidAwvjngT2uC9jYq-3zAubPPUHZdvbG1LH0DuehH907uBfD1f7-gwtrwYIsNOGClpGxQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 15 Sep 2024 10:57:29 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f783f50d16dc6bea1fcd66db728853f7a864c5e4217bf90f0cd08765d1164a9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 Oct 2023 11:24:04 GMT
server
nginx
etag
W/"651bf9d4-a892"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 12 Oct 2023 02:59:22 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:800:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date
Tue, 10 Oct 2023 05:16:05 GMT
Via
1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
78198
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Wed, 06 Sep 2023 03:40:59 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
PvnUWMd7DfrhkjxE7swm8TNuEBsyqvZuwwRk5JBaN1foQCs1mfnsLQ==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:40:33 GMT
content-encoding
gzip
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1130
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
4Qn69avxSLvi4h0WSSRSTx--yjt-daNHk3rz20HeXcxGCosAcDTRgA==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
5ffedbb82895be06e29a68a4bac209e9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ob.js
cdn-ima.33across.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 17:20:48 GMT
server
cloudflare
age
119083
etag
W/"650886f0-39ac"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8143d8c3df6b4d79-FRA
expires
Sat, 14 Oct 2023 02:59:22 GMT
connectId-gpt.js
connectid.analytics.yahoo.com/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7400:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5531a7467f0e324959b8c056c8ada8709116598b07d560936ff787ad7d5818b
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:42:04 GMT
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
FRA56-P2
age
1039
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7504
x-amz-expiration
expiry-date="Mon, 31 Jul 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Mon, 31 Jul 2023 15:05:44 GMT
server
AmazonS3
etag
"831ad85cf4ef2e916bda07dc20b4cc5d"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
mO_zQfjRxoHkXhmuNLRXJHJdQwojgDOf1c19SnAJ2b_J45mKTWww8Q==
js
www.googletagmanager.com/gtag/ 		228 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GS773KMQKY&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5ea69e3eef164da10ec76a130db8fbd54e8465128f0ceb56a2a5c858256ad876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83203
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 11 Oct 2023 02:59:22 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QH5CZ9461Y&gtm=45je3a90&_p=235679897&cid=763117398.1696993162&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696993162&sct=1&seg=0&dl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&dt=2023%20%E5%8F%B0%E7%81%A3%E4%B8%8B%E8%BC%89%E7%99%BE%E5%BA%A6%E7%B6%B2%E7%9B%A4%EF%BC%8C%E5%85%8D%E8%B2%BB%E5%85%8D%E7%99%BB%E5%85%A5%E3%80%81%E9%82%84%E4%B8%8D%E9%99%90%E9%80%9F%E7%9A%84%E4%B8%8B%E8%BC%89%E5%B7%A5%E5%85%B7&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QH5CZ9461Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GS773KMQKY&gtm=45je3a90&_p=235679897&ul=en-us&sr=1600x1200&cid=763117398.1696993162&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&dt=2023%20%E5%8F%B0%E7%81%A3%E4%B8%8B%E8%BC%89%E7%99%BE%E5%BA%A6%E7%B6%B2%E7%9B%A4%EF%BC%8C%E5%85%8D%E8%B2%BB%E5%85%8D%E7%99%BB%E5%85%A5%E3%80%81%E9%82%84%E4%B8%8D%E9%99%90%E9%80%9F%E7%9A%84%E4%B8%8B%E8%BC%89%E5%B7%A5%E5%85%B7&sid=1696993162&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GS773KMQKY&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&rid=esp&cc=1
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
6ad76df9c076ac50826147c9c12e08a73a037cc307371d7cca249e7b3467ddb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-wfm0nUe5fszU2p6++aymXCjLtjE"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dacota.tw
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 11 Oct 2023 02:59:22 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://dacota.tw
location
/esp?url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
increment
id5-sync.com/api/esp/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://dacota.tw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dacota.tw
date
Wed, 11 Oct 2023 02:59:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
embedr-47ad26da5deade67d472950b12c94b6c.js
widgets.flickr.com/embedr/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.flickr.com/embedr/embedr-47ad26da5deade67d472950b12c94b6c.js
Requested by
Host: embedr.flickr.com
URL: https://embedr.flickr.com/assets/embedr-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a782bcfd225befdc24238ade3ac94b33577f3a5e32d1e129415c2ca4e9dee7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 12:14:39 GMT
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified
Tue, 21 Mar 2023 21:44:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
2472284
etag
"9f2748071a73e4ef3feceb22e5a1cd74"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=536112000
accept-ranges
bytes
x-amz-meta-x-ysws-access
public
content-length
11335
x-amz-cf-id
LDuzVb5Wo6IGyASphqoG2kpqIo1iDcFjVZhrstHPf1xww8dMdqwRSw==
events
bidder.criteo.com/csm/ 		0
188 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://dacota.tw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://dacota.tw
date
Wed, 11 Oct 2023 02:59:22 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame 5A78 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=dacota.tw
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://dacota.tw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:22 GMT
server
Kestrel
server-processing-duration-in-ticks
279523
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
map
bcp.crwdcntrl.net/6/ 		60 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.255.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-255-105.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
cddbdd987971b27613c0f7829a8e973a1d5d58b8c993c028aebf26841c580e0e

Request headers

Referer
https://dacota.tw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:22 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://dacota.tw
cache-control
no-cache
x-server
10.45.23.82
access-control-allow-credentials
true
content-length
60
expires
0
GTM-KZ3XPM2.js
power.adhacker.online/ps/excl/ 		987 B
943 B 		Script
General
Check archive.org
Download Go to
Full URL
https://power.adhacker.online/ps/excl/GTM-KZ3XPM2.js
Requested by
Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=CEBU718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27606407f29bba2a8e8689d2e38a2a0894e33e91dd1b8676bb36b4918324c44c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdvwD56wbQsmijo6rnvPT3XZqm-IwY95cYchEz1KebHLej-BSxy5s2FVWulZtjJjbYPQushKCgREOnQadLNCAT6heg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 01 Oct 2023 13:00:22 GMT
server
cloudflare
etag
W/"492594e3e5c94174832aa2ee50e9fe9e"
vary
Accept-Encoding
x-goog-hash
crc32c=7ZSFzA==, md5=SSWU4+XJQXSDKqLuUOn+ng==
x-goog-generation
1696165222217464
content-type
text/plain
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pElPRyrgB4oT0sepEspQV4O%2BeYnX5R0gVH%2FmwFWEv%2F7M8RF7w1WRrhAUdnlk5Cts5TIFglHtBaY%2Fw6Vy5CiH6SZTArPDusXUCCex69Ih%2BDDO3S8iw1w%2FYmb1roTl1abbu484Tfi014W9iWLOfwhRzMLygtM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
987
cf-ray
8143d8c40d269bac-FRA
expires
Wed, 11 Oct 2023 03:59:23 GMT
gtm.js
www.googletagmanager.com/ 		189 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KZ3XPM2
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d7d3e8aab32affcb9894c4f595fcee2eec9206e583fccd10d97cc40ce85956e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66751
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 00:14:27 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Oct 2023 02:59:22 GMT
gtm.js
www.googletagmanager.com/ 		214 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W9CRLDW
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1454bf866baff7935127bb34e8269d8a9c837e3d8dfe4f81056048747cae76d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77960
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 00:14:27 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Oct 2023 02:59:22 GMT
bttp.js
power.adhacker.online/general/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://power.adhacker.online/general/bttp.js
Requested by
Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=CEBU718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d806fbf706d44e3f70c84eb278b8eccfbb6f746a9da03fc8e8e8807c2d788f42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6573
x-guploader-uploadid
ADPycdsY2HUgl9yAkgms10eKlxa4b-ttsVCNXTuSISn4sbk32Z5crG9WF5-1fhMJY2w8ftcj9yTsipH6xKK470uKH1SUnHR2yj6Y
x-goog-storage-class
REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
x-goog-meta-
last-modified
Mon, 26 Jul 2021 01:41:08 GMT
server
cloudflare
etag
W/"4c1ad9b189d5f0ec0a687e464bb0c987"
vary
Accept-Encoding
x-goog-generation
1627263668774739
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=KqZV5Q==, md5=TBrZsYnV8OwKaH5GS7DJhw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=1800
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0by1sjoNjFxlV%2Bv1QSKGqOFJXwqmJ7QG7mY2kRxTPvd2r2gwXsaTQ%2FJkPatI2vCEJajrJOrJFo8i3np0MjGaLScLnIl%2BjXJswrKkrGIbBJXys5jxrDdYuag%2FJIpGweMhAbSESscet0kXVPE3tw4DQYrxWM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
6780
cf-ray
8143d8c51dcf9bac-FRA
expires
Wed, 11 Oct 2023 03:29:23 GMT
sid
mug.criteo.com/ Frame 5A78
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=dacota.tw&sn=ChromeSyncframe&so=0&topUrl=dacota.tw&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=gV1ffHxDcUpRY25CbHpPMnFvb1hTMmVXTzhaQ0JrZmh5ZkdFNnhFNmZnb0p4cGh3WlRHQWNiOE9YQi9Id0VPRnZDWldndjZObUY1ZG1iYnhaNVJ6N0lsQldlU2FSZ014bWE4MlRsYUdKY0NQR3Q5b1BQQ2pnU3c2YUVjNH...
419 B
643 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=gV1ffHxDcUpRY25CbHpPMnFvb1hTMmVXTzhaQ0JrZmh5ZkdFNnhFNmZnb0p4cGh3WlRHQWNiOE9YQi9Id0VPRnZDWldndjZObUY1ZG1iYnhaNVJ6N0lsQldlU2FSZ014bWE4MlRsYUdKY0NQR3Q5b1BQQ2pnU3c2YUVjNHpIS21WeGl1UndYYzJqdThaNUx5SHVnSEowWlI3YkF1WGFOc1BQaFdTM3hOK2dHc1VGWTZQcGhhNFR5QlJxVUE5c1Rybk82bS83OHRqM21PMFpRcmVKVmloYzM3WDQxaGNwKzNjUWVleHNmeWU2d2xENjBrSXp4UW9DSXh3bFZxUFJ2b21HWFViaUp6b1ViSE9GU291bm00dS81anEzQT09fA&cppv=2
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1a9b6c8a24c5b588a39f6f11ef9457a5719c8242e4790b1f4359274ceb4bbdee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1320857
expires
0

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=gV1ffHxDcUpRY25CbHpPMnFvb1hTMmVXTzhaQ0JrZmh5ZkdFNnhFNmZnb0p4cGh3WlRHQWNiOE9YQi9Id0VPRnZDWldndjZObUY1ZG1iYnhaNVJ6N0lsQldlU2FSZ014bWE4MlRsYUdKY0NQR3Q5b1BQQ2pnU3c2YUVjNHpIS21WeGl1UndYYzJqdThaNUx5SHVnSEowWlI3YkF1WGFOc1BQaFdTM3hOK2dHc1VGWTZQcGhhNFR5QlJxVUE5c1Rybk82bS83OHRqM21PMFpRcmVKVmloYzM3WDQxaGNwKzNjUWVleHNmeWU2d2xENjBrSXp4UW9DSXh3bFZxUFJ2b21HWFViaUp6b1ViSE9GU291bm00dS81anEzQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
202972
content-length
0
expires
0
fed
ups.analytics.yahoo.com/ups/58813/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58813/fed?v=1&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2
Requested by
Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://dacota.tw
content-type
application/json
access-control-allow-credentials
true
config
powerads.breaktime.com.tw/v1/bt/ 		609 B
992 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://powerads.breaktime.com.tw/v1/bt/config?domain=dacota.tw&pid=CEBU718&device=desktop
Requested by
Host: power.adhacker.online
URL: https://power.adhacker.online/general/gl.js?spj=CEBU718
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.208.76.145 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
aacc65a0692221735bd07af251bb51ec742a1e243bb8d07b0bb698090b928dda
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 02:59:23 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.12.2
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://dacota.tw
Cache-Control
s-maxage=0, max-age=0, private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
609
collect
www.google-analytics.com/j/ 		15 B
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=235679897&t=pageview&_s=1&dl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&ul=en-us&de=UTF-8&dt=2023%20%E5%8F%B0%E7%81%A3%E4%B8%8B%E8%BC%89%E7%99%BE%E5%BA%A6%E7%B6%B2%E7%9B%A4%EF%BC%8C%E5%85%8D%E8%B2%BB%E5%85%8D%E7%99%BB%E5%85%A5%E3%80%81%E9%82%84%E4%B8%8D%E9%99%90%E9%80%9F%E7%9A%84%E4%B8%8B%E8%BC%89%E5%B7%A5%E5%85%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=389591781&gjid=2127603792&cid=763117398.1696993162&tid=UA-135689988-1&_gid=841859131.1696993162&_r=1&_slc=1&gtm=45He3a90n81W9CRLDW&z=1517945788
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3d1cc19c30936ba91c00ecde3eea5bd2fa034cff3e3b68b5ae9106f0e1291f13
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dacota.tw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9CRLDW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 11 Oct 2023 01:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4181
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 11 Oct 2023 03:49:42 GMT
/
breaktime.tw/affiliation/ 		621 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://breaktime.tw/affiliation/
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9CRLDW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:eb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14f88b30b4223c42fec632e214f164fa42a2f37ce0579adced90b7bfb7b713af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHbwX2sWPsOHUD56o4RSUWupBtLbeXNA3zJmpuUiK8fsFaXmxeClKEq1C0tCP%2Fn8SiAWmPVKg%2BmfAz%2BfYbix6Fb%2BBAEo50Ie2LUwR7MaFX2%2FYCSDEeuVpecS8WgKNtbVosGTgwiX%2B23qq%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8143d8c6ec9e195c-FRA
alt-svc
h3=":443"; ma=86400
pmp_ads_cfg.js
power.adhacker.online/pmp/ 		107 B
929 B 		Script
General
Check archive.org
Download Go to
Full URL
https://power.adhacker.online/pmp/pmp_ads_cfg.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZ3XPM2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73fcf5092d5dbb7f06cf2ca7e0ff38522bb27cde183d53c522143f6aa4d35c4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5303
x-guploader-uploadid
ADPycdtgeRo98FfrRaWMDsUwS7Q1Dg7A5gb-sh3aCn37PVm6c_7cUtse_8i1E-Hxrt9qpnzN2BJzHQGmaMfvtIAT038EzeF4mIVq
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 18 May 2022 10:18:21 GMT
server
cloudflare
etag
W/"fdd79f0570565c33347a76493d27dec5"
vary
Accept-Encoding
x-goog-hash
crc32c=v6ttTg==, md5=/defBXBWXDM0enZJPSfexQ==
x-goog-generation
1652869101996357
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FP65hOHowM41zL%2BbGwupDGuzDkglE4QfpotJCRtNx3ihIlIajAsmS5JQ5RRGPc39twVEUINkuObdK85Eux%2B4jc2UmJwMk9zM4tfzhDiYC5OPMdh%2FSuJDMvUTWHin9oiLZNFzleY6MNAolVTS8i4lbBAcBuo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
107
cf-ray
8143d8c5e82a3810-FRA
expires
Wed, 11 Oct 2023 03:59:23 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZ3XPM2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b77efdd75a2161998eef55b7ea4cb3f255b51052a47a47514f8933d00ac96576
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50914
x-xss-protection
0
server
cafe
etag
9074074194591083065
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:59:23 GMT
gpt.js
www.googletagservices.com/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZ3XPM2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
902e5ea022732fd3b34f262c5d5856c9caed8bdd65c8bde7fb2aaf0581d7a7c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29988
x-xss-protection
0
server
cafe
etag
529 / 19641 / 31078750 / config-hash: 1567846903150672402
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:59:23 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 134A 		436 B
239 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=280&slotname=7466582712&adk=4156446376&adf=1840067851&pi=t.ma~as.7466582712&w=800&fwrn=4&fwrnh=100&lmt=1696985963&rafmt=1&format=800x280&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=3&bdt=2815&idt=-M&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250&nras=1&correlator=7798919204589&frm=20&pv=2&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=3774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NnqDJpnizG&p=https%3A//dacota.tw&dtd=22
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4021545012034144&plah=dacota.tw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4cba32282e88c1469293386b849bcb835f661ebd52265263d57d9dfbc65d874
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dacota.tw/blog/post/antdownload-2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
214
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:23 GMT
expires
Wed, 11 Oct 2023 02:59:23 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BB76 		105 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4021545012034144&plah=dacota.tw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8345005189f7e08549ca9662018b90cd0b85de5629245a0234e40fd645de7a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dacota.tw/blog/post/antdownload-2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
31915
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:23 GMT
expires
Wed, 11 Oct 2023 02:59:23 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		980 B
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1759565397619036&correlator=955316593178920&eid=31078709&output=ldjh&gdfp_req=1&vrg=202310090201&ptt=17&impl=fifs&iu_parts=21704386080%2Cdacota_Sticky_RT_300250%2Cdacota_article_ML_336280%2Cdacota_article_MR_336280&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=300x250%2C336x280%2C336x280&ifi=5&didk=1769013833~823893820~823893819&sfv=1-0-40&sc=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&abxe=1&dt=1696993163269&lmt=1696985963&adxs=-9%2C-9%2C-9&adys=-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&vis=1&psz=0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2&ohw=0%2C0%2C0&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=true&ga_cid=841859131.1696993162&dlt=1696993160364&idt=2155&adks=2769275677%2C4062329919%2C1005173125&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ead3156e5fab3214954b0cf588a87206e034cdc5a556604af112f494762be64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
181
x-xss-protection
0
google-lineitem-id
-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		937 B
786 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1759565397619036&correlator=955316593178920&eid=31078709&output=ldjh&gdfp_req=1&vrg=202310090201&ptt=17&impl=fifs&iu_parts=21697024903%3A21704386080%2CBT_Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=8&didk=2464141594&sfv=1-0-40&ists=1&fas=8&sc=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&abxe=1&dt=1696993163281&lmt=1696985963&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=true&ga_cid=841859131.1696993162&a3p=EhgKCXlhaG9vLmNvbRjW7rLlsTFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBiz6rLlsTFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGLPqsuWxMUgAUgIIZBIZCgpwdWJjaWQub3JnGO_rsuWxMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiy6rLlsTFIAFICCGQSFwoIcnRiaG91c2UY8eyy5bExSABSAghqEhQKBW9wZW54GLLqsuWxMUgAUgIIZBIZCgp1aWRhcGkuY29tGLLqsuWxMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yn-6y5bExSABSAghq&dlt=1696993160364&idt=2155&prev_scp=zi-web%3Ddacota.tw%26zi-path%3D%252Fblog%252Fpost%252Fantdownload-2%26zi-partner%3DCEBU718&adks=2695839634&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
307378ffc72dfa9b68fb44cdb998c77976d324d413d5c072e0521a5d7c8c1fef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
448
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5497 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dacota.tw/blog/post/antdownload-2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:23 GMT
expires
Thu, 10 Oct 2024 02:59:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl_page_level_ads.js?cb=31078709
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
099d96635ecab0dc36abcb344e531fb76ea0257ade5a97f0421fee84fcf44b91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 21:46:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
18794
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13193
x-xss-protection
0
server
cafe
etag
6543139919598466339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 09 Oct 2024 21:46:09 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3DCCEXXFQP&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
348d13301ff01a717d0df02099da13dbc756549c16244eb6bbd16bfc5dce935f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83197
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 11 Oct 2023 02:59:23 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		44 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1759565397619036&correlator=955316593178920&eid=31078709&output=ldjh&gdfp_req=1&vrg=202310090201&ptt=17&impl=fifs&iu_parts=21697024903%3A21704386080%2CAll_RHS&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x600%7C160x600%7C1x1%7C300x250%7C336x280&fluid=height&ifi=9&didk=2500421558&sfv=1-0-40&sc=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&abxe=1&dt=1696993163323&lmt=1696985963&adxs=1063&adys=565&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&vis=1&psz=340x0&msz=340x0&fws=0&ohw=0&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=true&ga_cid=841859131.1696993162&a3p=EhwKDWNyd2RjbnRybC5uZXQYs-qy5bExSABSAghkEhsKDDMzYWNyb3NzLmNvbRiz6rLlsTFIAFICCGQSGQoKcHViY2lkLm9yZxjv67LlsTFIAFICCGoSGAoJeWFob28uY29tGNbusuWxMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiy6rLlsTFIAFICCGQSFwoIcnRiaG91c2UY8eyy5bExSABSAghqEhQKBW9wZW54GLLqsuWxMUgAUgIIZBIZCgp1aWRhcGkuY29tGLLqsuWxMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yn-6y5bExSABSAghq&dlt=1696993160364&idt=2155&prev_scp=zi-web%3Ddacota.tw%26zi-path%3D%252Fblog%252Fpost%252Fantdownload-2%26zimediaForbid%3DGeneral&adks=1421777645&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acd7b12f5d9807c033e32675074156e491334a9d8767990a56d47f4e658c87b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16911
x-xss-protection
0
google-lineitem-id
6155749326
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412567334
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame F2C6 		0
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dacota.tw/blog/post/antdownload-2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 11 Oct 2023 02:59:23 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
view
r-log.dable.io/s/dacota.tw%2Fzimedia/u/00000000.0000000000000/ 		54 B
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://r-log.dable.io/s/dacota.tw%2Fzimedia/u/00000000.0000000000000/view?url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&ref=&lang=en-US&items%5B0%5D%5Bid%5D=dacota-136611&items%5B0%5D%5Blink%5D=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&cid=00000000.0000000000000&gdpr=1&z=275222&callback=dbljson2
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.200.46.95 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-200-46-95.ap-northeast-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 11 Oct 2023 02:59:24 GMT
x-content-type-options
nosniff
server
nginx/1.20.0
content-length
54
content-type
text/javascript; charset=utf-8
match2
act.ds.kakao.com/
Redirect Chain
  • https://analytics.ad.daum.net/match?d=111&uid=00000000.0000000000000
  • https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220231011%22,%22u%22:%2200000000.0000000000000%22%7D%7D
0
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220231011%22,%22u%22:%2200000000.0000000000000%22%7D%7D
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Server
211.249.220.158 , Korea, Republic Of, ASN9457 (DREAMX-AS DREAMLINE CO., KR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
p3p
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
location
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220231011%22,%22u%22:%2200000000.0000000000000%22%7D%7D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
1x1.gif
images.dable.io/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
  • https://images.dable.io/1x1.gif?google_gid=CAESENgjfiI_qhK3_PcriTu52lo&google_cver=1
42 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dable.io/1x1.gif?google_gid=CAESENgjfiI_qhK3_PcriTu52lo&google_cver=1
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Server
184.31.93.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-93-220.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
oKJFwmZ_5JYp0vaYHyM0FpQvWVQZV1l2
date
Wed, 11 Oct 2023 02:59:23 GMT
x-amz-request-id
FD5AV466TXBE18VC
x-amz-server-side-encryption
AES256
content-length
42
x-amz-id-2
SDMl/VF5WogYNW3ws0bJxIP2199hybENNgKLqRQNDBBOQTWr9aW6A9UQr64VC+kbnAwnM8rwkD8=
last-modified
Wed, 26 Jul 2023 06:47:12 GMT
server
nginx/1.20.0
etag
"d89746888da2d9510b64a9f031eaecd5"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://images.dable.io/1x1.gif?google_gid=CAESENgjfiI_qhK3_PcriTu52lo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm-exchange.toast.com/ 		0
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-exchange.toast.com/pixel?cm_mid=1440080439&cm_muid=00000000.0000000000000&toast_push
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.243.202.190 , Korea, Republic Of, ASN45974 (NHN-AS-KR NHNCLOUD, KR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 02:59:24 GMT
Server
nginx
Connection
close
P3P
CP="NON DSP LAW CURa ADMa DEVa OUR BUS IND COM NAV INT"
cs
cs.gssprt.jp/yie/ld/ 		82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=dable&uid=00000000.0000000000000
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.16 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p016.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
f9dc427bd933b43f00a6b153402c80c6edf36640e4b9f40495e1b00eb82bcaa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:24 GMT
cross-origin-resource-policy
cross-origin
server
nginx
content-length
82
content-type
application/octet-stream
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3DCCEXXFQP&gtm=45je3a90&_p=235679897&ul=en-us&sr=1600x1200&cid=763117398.1696993162&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&dt=2023%20%E5%8F%B0%E7%81%A3%E4%B8%8B%E8%BC%89%E7%99%BE%E5%BA%A6%E7%B6%B2%E7%9B%A4%EF%BC%8C%E5%85%8D%E8%B2%BB%E5%85%8D%E7%99%BB%E5%85%A5%E3%80%81%E9%82%84%E4%B8%8D%E9%99%90%E9%80%9F%E7%9A%84%E4%B8%8B%E8%BC%89%E5%B7%A5%E5%85%B7&sid=1696993163&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DCCEXXFQP&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
88cf7d8f92971695aa333eeba8ca195d.js
www.gstatic.com/mysidia/ Frame BB76 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 08:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
499027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3923
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 08:22:16 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame BB76 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:38:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
48069
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 13:38:14 GMT
ef1f6d24bef59513d7c49e9cf5bba5ca.js
www.gstatic.com/mysidia/ Frame BB76 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef1f6d24bef59513d7c49e9cf5bba5ca.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19aaa87c8184f65551d5c44d78d03aa8230d28c7c04d142f731f0fa129fd9cdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 21:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
539274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9440
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 02 Jan 2024 21:11:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame BB76 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
48156
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9151
x-xss-protection
0
server
cafe
etag
7930219084593097114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 13:36:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame BB76 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 16:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 16:17:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame BB76 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
48343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 13:33:40 GMT
l
www.google.com/ads/measurement/ Frame BB76 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTFFYlZLnekwwffI2_8Mn88f7Rc7HOZ_094CkliNleqs4_TQCop-hI6vER8noOYMIDFptWspaaAugmgJdVGn-w75gX68g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BB76 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696851335058330"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:59:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B8EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupeGKLOfDLn6Hdl_shI9F6fgkW1Da8b0JNEqsVna4oogeCa59uGl0NAidmkrrruTa_JTH8Tq_xzY-jkfdooETH-GOYIHmi3m1aSI-9E-XGNVPgLUnoLnH5sud_wVqiftbi-EnCHQO9sHnV_heWv2b59Us6ZBz8_M_fnG0unjCFQXGuATWynGt8Xjcl3tAF8kg9rUpLKqGHaK8hY26TUv8rpW-1Xc3XnF5T9s952pG4wId95vsJ8U-bs9qAK4EbwjVfebTBtLnkFgewFZe21YgnotMOSfQBvpqfP5ep4wTN1bXq_1Yiu0p6gvnaVCk&sai=AMfl-YSVSKf2Ftq9zB7eNvJD1AmJm6MUzuC0SiRchPZbzsitHX9oH38Gz502NY4SNR9FZX8EPWCUQDfaG-EbVxhmINRRAYt1b4z1uOfi7iE9EyE0hlWEfqO98_EHC1DGkC8&sig=Cg0ArKJSzLl_ikT5H431EAE&uach_m=[UACH]&adurl=
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B8EB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 16:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 16:17:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B8EB 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696851335058330"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:59:24 GMT
15965967111117885126
tpc.googlesyndication.com/simgad/ Frame B8EB 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15965967111117885126
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8121f0bbf1fc4164a6d49f1335b4381e466b860e8d98c4640495eccc259b266a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 07:48:02 GMT
x-content-type-options
nosniff
age
328281
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53930
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 14:51:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 06 Oct 2024 07:48:02 GMT
l
www.google.com/ads/measurement/ Frame B8EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcrd04vMhQU0iGPejcFcZrDiHlj3tZlKeWDkfVNf8fxG1NgoAgb-wPggF1L2sCVLJF8w5tDeflekKKxEHosfTIpCr3Zw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
img
imageproxy.eu.criteo.net/img/ Frame BB76 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17251124OJ_14_F.JPG&ups=1&v=3&w=800&rid=4&s=hNkAaHWrrTJr0_VUWx9HCOx6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
30126d6808ce1cdc8f5af7b7f338ae31de58fa4bd415776c04ff1f26e2c3af64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
30714
expires
Wed, 02 Oct 2024 09:11:12 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BB76 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
observe-browsing-topics
?1
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35516
x-xss-protection
0
truncated
/ Frame B8EB 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a91182f2a97241fc69a69934da44a568602ec27736abb072b0bf5b441b5286b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame ACC5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68638
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Wed, 11 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BB76 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63364dafa388fda022de7a67e2f97ab4a5e1510c921070d065f187d8e575cd97

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame ACC5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEH8hLv-zjjHHM1lAOVzlaEc&google_cver=1&google_push=AXcoOmRckbU2QQLlGryhCmj3DPgKsv7JQZDPY-PyLxDKpPqq_UUGqK-ZgO867QDNFQfNkfTZGNt3cWj45uUx4tAUnA8c2SoCrUyvQA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzA1ODQzNDM5NTczNTczNjMwMg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJZLFWc3k60irkSi49pAa0w&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJZLFWc3k60irkSi49pAa0w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 11 Oct 2023 02:59:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJZLFWc3k60irkSi49pAa0w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ACC5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK_J9dNbgG5an41mnEaNvxo&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK_J9dNbgG5an41mnEaNvxo&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dXU1VE9hcWUxUVFwcnQ1&google_gid=CAESEK_J9dNbgG5an41mnEaNvxo&google_cver=1&google_push=AXcoOmSnouxUwDtijoVqGu0_WF_3QboOHBFWwqMKuewv7gA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dXU1VE9hcWUxUVFwcnQ1&google_gid=CAESEK_J9dNbgG5an41mnEaNvxo&google_cver=1&google_push=AXcoOmSnouxUwDtijoVqGu0_WF_3QboOHBFWwqMKuewv7gA7ZNNbuqFmF6ATcXN3ju5KSbJUlEGMgu6YL3y1hOJ_23clU2Z18kpTtw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 11 Oct 2023 02:59:23 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-038ad97d93033251e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dXU1VE9hcWUxUVFwcnQ1&google_gid=CAESEK_J9dNbgG5an41mnEaNvxo&google_cver=1&google_push=AXcoOmSnouxUwDtijoVqGu0_WF_3QboOHBFWwqMKuewv7gA7ZNNbuqFmF6ATcXN3ju5KSbJUlEGMgu6YL3y1hOJ_23clU2Z18kpTtw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ACC5
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEOlhy3DFnROVnvNn2NmhYnE&google_cver=1&google_push=AXcoOmRoxjF6GktTP8CGKHtXOxbs7XVTXceBY5z33ufa4to2zwMq0STmR8iB_aStVQuOaWvY0z62wad_tHprTBpC...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=kfYBJ7sERioTemOfQ6uYzA&google_push=AXcoOmRoxjF6GktTP8CGKHtXOxbs7XVTXceBY5z33ufa4to2zwMq0STmR8iB_aStVQuOaWvY0z62wad_tHprTBpCychEtlcO5C5RJA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=kfYBJ7sERioTemOfQ6uYzA&google_push=AXcoOmRoxjF6GktTP8CGKHtXOxbs7XVTXceBY5z33ufa4to2zwMq0STmR8iB_aStVQuOaWvY0z62wad_tHprTBpCychEtlcO5C5RJA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 11 Oct 2023 02:59:23 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=kfYBJ7sERioTemOfQ6uYzA&google_push=AXcoOmRoxjF6GktTP8CGKHtXOxbs7XVTXceBY5z33ufa4to2zwMq0STmR8iB_aStVQuOaWvY0z62wad_tHprTBpCychEtlcO5C5RJA
x-host
tde-deliveryengine-production-69fbf984b9-c2kzr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame ACC5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECTnxV2cr3eYEaaH525k6do&google_cver=1&google_push=AXcoOmQro7aZPQ3Rr1yEitkTKoKPdylnA68KvDXOsI6-fwrBydDHseCvu4Cd3HBSVBhDp8PsRFNyY0RccrFR_Ak81Scax05...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQro7aZPQ3Rr1yEitkTKoKPdylnA68KvDXOsI6-fwrBydDHseCvu4Cd3HBSVBhDp8PsRFNyY0RccrFR_Ak81Scax05Y7JLS&google_hm=eS10QjZFVkpKRTJwRXpCcm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQro7aZPQ3Rr1yEitkTKoKPdylnA68KvDXOsI6-fwrBydDHseCvu4Cd3HBSVBhDp8PsRFNyY0RccrFR_Ak81Scax05Y7JLS&google_hm=eS10QjZFVkpKRTJwRXpCcm5PbEM5R2dXV1ZjOHFOUFMyd35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 11 Oct 2023 02:59:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQro7aZPQ3Rr1yEitkTKoKPdylnA68KvDXOsI6-fwrBydDHseCvu4Cd3HBSVBhDp8PsRFNyY0RccrFR_Ak81Scax05Y7JLS&google_hm=eS10QjZFVkpKRTJwRXpCcm5PbEM5R2dXV1ZjOHFOUFMyd35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame ACC5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIHN5KdHJ_06j28ycmjsgRk&google_cver=1&google_push=AXcoOmRpKK65ia02-hmgGfM6xsuap0J1y4mcp-E6SYsk-lZnG2VXhip8PHSQR8Y-7aXiuC8qjhidmvIh...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIHN5KdHJ_06j28ycmjsgRk&google_cver=1&google_push=AXcoOmRpKK65ia02-hmgGfM6xsuap0J1y4mcp-E6SYsk-lZnG2VXhip8PHSQR8Y-7aXiuC8qjhi...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEzOTc0NTUwNzM5MzQyMjQ3NQ&google_push=AXcoOmRpKK65ia02-hmgGfM6xsuap0J1y4mcp-E6SYsk-lZnG2VXhip8PHSQR8Y-7aXiuC8qjhidmv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEzOTc0NTUwNzM5MzQyMjQ3NQ&google_push=AXcoOmRpKK65ia02-hmgGfM6xsuap0J1y4mcp-E6SYsk-lZnG2VXhip8PHSQR8Y-7aXiuC8qjhidmvIhGr5VEanthDFNsCBC7qk-
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEzOTc0NTUwNzM5MzQyMjQ3NQ&google_push=AXcoOmRpKK65ia02-hmgGfM6xsuap0J1y4mcp-E6SYsk-lZnG2VXhip8PHSQR8Y-7aXiuC8qjhidmvIhGr5VEanthDFNsCBC7qk-
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame ACC5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAeisCyuHl-fA_Z78NK1lwc&google_cver=1&google_push=AXcoOmS8HZiH0iVzgkv-L8F0z5-am7z8Vu0BARGT-N63zDB0FiNmimimml4HcKI1ox8BQr20iG2yLqSYyqsx...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS8HZiH0iVzgkv-L8F0z5-am7z8Vu0BARGT-N63zDB0FiNmimimml4HcKI1ox8BQr20iG2yLqSYyqsxd6TVYkyRj9wK5klWQg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS8HZiH0iVzgkv-L8F0z5-am7z8Vu0BARGT-N63zDB0FiNmimimml4HcKI1ox8BQr20iG2yLqSYyqsxd6TVYkyRj9wK5klWQg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS8HZiH0iVzgkv-L8F0z5-am7z8Vu0BARGT-N63zDB0FiNmimimml4HcKI1ox8BQr20iG2yLqSYyqsxd6TVYkyRj9wK5klWQg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
report
sync.teads.tv/um/ Frame ACC5
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEILo-gFXup9P...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRAau2lWd3pJFGQEqoUTPwn0QHgv4R_yqjyxtB-hQr_msDrwH4LMFSKY4nSj_VXIAXaDJ25jlmtmA1PfRPNY0xVjoo_2uAmHqo
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H2
Server
23.205.93.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-93-33.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Wed, 11 Oct 2023 02:59:24 GMT
pragma
no-cache
date
Wed, 11 Oct 2023 02:59:24 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame ACC5 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDGNSZkutfVQoUcYO-Ul9RaOf-6e2mzdHsY1j-H2Y8dcXHq8xW8KNjVtTslRGH1iCh7UNszA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-230439076-1
Requested by
Host: breaktime.tw
URL: https://breaktime.tw/affiliation/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e5b993a327b53083d017bfa569e0e4b9618127011e0b1bbdf330e36b8549cde0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69287
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 00:14:27 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Oct 2023 02:59:23 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-230439076-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J4GY2HPNY1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d5e9d7fa8884cc67adb6832afb642ce27fca0fd03cd331f96549e275819c221b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69292
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 00:14:27 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Oct 2023 02:59:23 GMT
/
cell.adbottw.net/affiliation/ 		0
440 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cell.adbottw.net/affiliation/
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9CRLDW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmfQznGuHSJJdv78AQvzWLrgGn37i%2BndE3rYLgVZkikfIv2seAdSHa64lof5E5jZ0uPOWPOv9df4iWtg%2BxdAtlgi7GIFiTuPLxE9O6XGGjL9aseoI4jDjmVpjH1MthmX8asvB0yROFCZFPB8j2wF"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8143d8cb0b23916b-FRA
alt-svc
h3=":443"; ma=86400
pmp_ads.js
power.adhacker.online/pmp/ 		63 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://power.adhacker.online/pmp/pmp_ads.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZ3XPM2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dee97292cc74b3c842dc63337e243c5e89996aabce32593be1e36d494573f0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5302
x-guploader-uploadid
ADPycdsLPkk80QewBS6lrO_pcNx5t4ZybofwfcjHoX3M5HDlfpouH0c_toaMkFwNHKR3jGIAOyNjsUi32cUpEXp3ZtgxTIDbs4zj
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 18 May 2022 10:18:21 GMT
server
cloudflare
etag
W/"90e3755e0f60542fe1ef74ba1639e239"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-hash
crc32c=ySZKkQ==, md5=kON1Xg9gVC/h73S6FjniOQ==
x-goog-generation
1652869101997911
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6MfPrAnKZEJrHwcQD1l5qbHvmEdCr64VrsRkfU2Z9CW7QLA2cycXGLwE7jKZVy2L1sqXSAeW2z9sln8OUvAxoGR6yOHdlgIQkkHm4xpfLiT76Ed1Tvni3BLbag%2FxQLMxSmj7U6HJIElj2YNWa00LQB%2BJEs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
63
cf-ray
8143d8ca5a6f3810-FRA
expires
Wed, 11 Oct 2023 03:59:23 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NCBMBRV2DM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-230439076-1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1821b594f6623d1e956c5e6cd8a947df9ec840a5ff754c7fb082bad8628298e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81520
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 11 Oct 2023 02:59:24 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=235679897&t=pageview&_s=1&dl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&ul=en-us&de=UTF-8&dt=2023%20%E5%8F%B0%E7%81%A3%E4%B8%8B%E8%BC%89%E7%99%BE%E5%BA%A6%E7%B6%B2%E7%9B%A4%EF%BC%8C%E5%85%8D%E8%B2%BB%E5%85%8D%E7%99%BB%E5%85%A5%E3%80%81%E9%82%84%E4%B8%8D%E9%99%90%E9%80%9F%E7%9A%84%E4%B8%8B%E8%BC%89%E5%B7%A5%E5%85%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=671520300&gjid=1594212101&cid=763117398.1696993162&tid=UA-230439076-1&_gid=841859131.1696993162&_r=1&gtm=457e3a90&jsscut=1&z=638480401
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dacota.tw/blog/post/antdownload-2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-230439076-1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 11 Oct 2023 01:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4182
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 11 Oct 2023 03:49:42 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NCBMBRV2DM&gtm=45je3a90&_p=235679897&cid=763117398.1696993162&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1696993164&sct=1&seg=0&dl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&dt=2023%20%E5%8F%B0%E7%81%A3%E4%B8%8B%E8%BC%89%E7%99%BE%E5%BA%A6%E7%B6%B2%E7%9B%A4%EF%BC%8C%E5%85%8D%E8%B2%BB%E5%85%8D%E7%99%BB%E5%85%A5%E3%80%81%E9%82%84%E4%B8%8D%E9%99%90%E9%80%9F%E7%9A%84%E4%B8%8B%E8%BC%89%E5%B7%A5%E5%85%B7&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCBMBRV2DM&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
powerads.breaktime.com.tw/v1/bt/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://powerads.breaktime.com.tw/v1/bt/ad
Requested by
Host: power.adhacker.online
URL: https://power.adhacker.online/general/gl.js?spj=CEBU718
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.208.76.145 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
a13d149b709f9f6a1141e680da5605d0083b90a6b0d7355a0de49db4fa3cc116
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dacota.tw/blog/post/antdownload-2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type
application/json

Response headers

Date
Wed, 11 Oct 2023 02:59:24 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.12.2
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://dacota.tw
Cache-Control
s-maxage=0, max-age=0, private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1328
ad
powerads.breaktime.com.tw/v1/bt/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://powerads.breaktime.com.tw/v1/bt/ad
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.208.76.145 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dacota.tw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin
https://dacota.tw
Allow
OPTIONS, POST
Cache-Control
s-maxage=0, max-age=0 private, max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 11 Oct 2023 02:59:24 GMT
Server
nginx/1.12.2
Vary
Origin
X-Content-Type-Options
nosniff
view
securepubads.g.doubleclick.net/pcs/ Frame B8EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSg0aN2OdNPMy0zjr29HyJy9ErPqKzF-8OioyXMKvvhzHqQE6mjwWB7L3UWNMKzx3kPLijdY6N6TvDqT1bE9yjeudYMwWTGExB774KucBw2ORjj36GoNkcNkPg36E-lI8G0hAPVQIfhtluiDt7RfSY6NI9CQ5LOkK7f1Slqw75F2kQSCCPhzDErTUirQheJ2o-Bv9tw2tqigFKxAziIwLLMZZXvPU5UaHY4LQaTmq_iEUkj9LSYKDP316Wdqjk1q6bKAHrGENJzZa1pPSujGJh2_jr-ww0bE9LO6DiAY7DPxy4nURR9xIWdMg55bs8KQ&sai=AMfl-YTF1Ki7C4wF1NkbcxuwVEHhLtreizGMmjUUnd9mTBJcLuylVd-I56AJ5tKy5aB8kcMkEG6x4c5ofeA9T0ZJ21bE_AkdN41zZMm2F4R3HGW3iaYajnN6N-2zPBfOuXU&sig=Cg0ArKJSzA_TeB_xG_WJEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 11 Oct 2023 02:59:24 GMT
js
www.googletagmanager.com/gtag/ 		272 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FBS0VZNK7P&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J4GY2HPNY1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb6517c944f010ef3fa9d47b38f5523d339823651cb36d0bf66fbf0d4fed63c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93060
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 11 Oct 2023 02:59:24 GMT
css
fonts.googleapis.com/ Frame E866 		8 KB
841 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&h=250&slotname=3949631173&adk=309144408&adf=1948988595&pi=t.ma~as.3949631173&w=300&lmt=1696985962&format=300x250&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993162310&bpp=3&bdt=1946&idt=3&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1063&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MWJnRO968m&p=https%3A//dacota.tw&dtd=43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
058d2488f4d26d53cf94a6739b9800ac2d9897baa61a920a66e758129fc7b0bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 11 Oct 2023 02:59:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 01:17:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 Oct 2023 02:59:24 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame E866 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&h=250&slotname=3949631173&adk=309144408&adf=1948988595&pi=t.ma~as.3949631173&w=300&lmt=1696985962&format=300x250&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993162310&bpp=3&bdt=1946&idt=3&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1063&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MWJnRO968m&p=https%3A//dacota.tw&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:38:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
48070
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 13:38:14 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame E866 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&h=250&slotname=3949631173&adk=309144408&adf=1948988595&pi=t.ma~as.3949631173&w=300&lmt=1696985962&format=300x250&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993162310&bpp=3&bdt=1946&idt=3&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1063&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MWJnRO968m&p=https%3A//dacota.tw&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
48157
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9151
x-xss-protection
0
server
cafe
etag
7930219084593097114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 13:36:47 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame E62B 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&h=250&slotname=3949631173&adk=309144408&adf=1948988595&pi=t.ma~as.3949631173&w=300&lmt=1696985962&format=300x250&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993162310&bpp=3&bdt=1946&idt=3&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1063&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MWJnRO968m&p=https%3A//dacota.tw&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&h=250&slotname=3949631173&adk=309144408&adf=1948988595&pi=t.ma~as.3949631173&w=300&lmt=1696985962&format=300x250&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993162310&bpp=3&bdt=1946&idt=3&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1063&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MWJnRO968m&p=https%3A//dacota.tw&dtd=43
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2126
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:23:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame E866 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&h=250&slotname=3949631173&adk=309144408&adf=1948988595&pi=t.ma~as.3949631173&w=300&lmt=1696985962&format=300x250&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993162310&bpp=3&bdt=1946&idt=3&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1063&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MWJnRO968m&p=https%3A//dacota.tw&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 16:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38534
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 16:17:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame E866 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&h=250&slotname=3949631173&adk=309144408&adf=1948988595&pi=t.ma~as.3949631173&w=300&lmt=1696985962&format=300x250&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993162310&bpp=3&bdt=1946&idt=3&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1063&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MWJnRO968m&p=https%3A//dacota.tw&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
48344
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 13:33:40 GMT
l
www.google.com/ads/measurement/ Frame E866 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKKcXtbWbHYhzTMKZhtSH0Rr75iBYEVqUeAhZhMqHedvMbIu1gdfd4b73dHBo_0yAR7xvc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&h=250&slotname=3949631173&adk=309144408&adf=1948988595&pi=t.ma~as.3949631173&w=300&lmt=1696985962&format=300x250&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993162310&bpp=3&bdt=1946&idt=3&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1063&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MWJnRO968m&p=https%3A//dacota.tw&dtd=43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E866 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&h=250&slotname=3949631173&adk=309144408&adf=1948988595&pi=t.ma~as.3949631173&w=300&lmt=1696985962&format=300x250&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993162310&bpp=3&bdt=1946&idt=3&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1063&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MWJnRO968m&p=https%3A//dacota.tw&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696851335058330"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:59:24 GMT
f20a2b7dfb9062a0a08db52babdaa11c.js
www.gstatic.com/mysidia/ Frame E866 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&h=250&slotname=3949631173&adk=309144408&adf=1948988595&pi=t.ma~as.3949631173&w=300&lmt=1696985962&format=300x250&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993162310&bpp=3&bdt=1946&idt=3&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1063&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MWJnRO968m&p=https%3A//dacota.tw&dtd=43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 10:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15586
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 10:17:18 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-FBS0VZNK7P&gtm=45je3a90&_p=235679897&_gaz=1&cid=763117398.1696993162&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696993164&sct=1&seg=0&dl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&dt=2023%20%E5%8F%B0%E7%81%A3%E4%B8%8B%E8%BC%89%E7%99%BE%E5%BA%A6%E7%B6%B2%E7%9B%A4%EF%BC%8C%E5%85%8D%E8%B2%BB%E5%85%8D%E7%99%BB%E5%85%A5%E3%80%81%E9%82%84%E4%B8%8D%E9%99%90%E9%80%9F%E7%9A%84%E4%B8%8B%E8%BC%89%E5%B7%A5%E5%85%B7&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBS0VZNK7P&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FBS0VZNK7P&cid=763117398.1696993162&gtm=45je3a90&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBS0VZNK7P&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FBS0VZNK7P&cid=763117398.1696993162&gtm=45je3a90&aip=1&z=45799316
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame E866 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml
si
googleads.g.doubleclick.net/pagead/drt/ Frame E62B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&h=250&slotname=3949631173&adk=309144408&adf=1948988595&pi=t.ma~as.3949631173&w=300&lmt=1696985962&format=300x250&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993162310&bpp=3&bdt=1946&idt=3&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1063&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MWJnRO968m&p=https%3A//dacota.tw&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:24 GMT
expires
Wed, 11 Oct 2023 02:59:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:24 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1759565397619036&correlator=955316593178920&eid=31078709%2C44801493&output=ldjh&gdfp_req=1&vrg=202310090201&ptt=17&impl=fifs&iu_parts=21697024903%3A21704386080%2CBT_a_SB1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C1x1%7C300x250%7C300x600&ifi=10&didk=2998117063&sfv=1-0-40&sc=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&abxe=1&dt=1696993164676&lmt=1696985964&adxs=1063&adys=3027&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&vis=1&psz=340x0&msz=340x0&fws=0&ohw=0&psts=AOrYGsmf0dTCMej4yDuM4AStpeUoMs1cv3IQ4o2gfUDrM64pDxL2i3CGjmZ6XUzr2ZzpvxCedGr3esWWGRYF8MZGgw%2CAOrYGskE-Up7dssgq9qdvFNdDyKWkHsAe4okQM0j_n83qyS1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=true&ga_cid=841859131.1696993162&a3p=EhwKDWNyd2RjbnRybC5uZXQYs-qy5bExSABSAghkEhsKDDMzYWNyb3NzLmNvbRiz6rLlsTFIAFICCGQSGQoKcHViY2lkLm9yZxjv67LlsTFIAFICCGoSGAoJeWFob28uY29tGNbusuWxMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiy6rLlsTFIAFICCGQSFwoIcnRiaG91c2UY8eyy5bExSABSAghqEj4KBW9wZW54EixleUpwSWpvaVUwSjJLMnhFZUVsUmFUSmhiRGN2UlhZd1kxaFRRVDA5SW4wPRjZ8LLlsTFIABIZCgp1aWRhcGkuY29tGLLqsuWxMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yn-6y5bExSABSAghq&dlt=1696993160364&idt=2155&prev_scp=zi-web%3Ddacota.tw%26zi-path%3D%252Fblog%252Fpost%252Fantdownload-2%26zi-partner%3DCEBU718%26zi-cwidth%3DSmall&adks=3109226946&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df456fb7e8bcc8b17bfd316362fbdc74d7bf38d305cc34ffdebb49cebc4726cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11500
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		38 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1759565397619036&correlator=955316593178920&eid=31078709%2C44801493&output=ldjh&gdfp_req=1&vrg=202310090201&ptt=17&impl=fifs&iu_parts=21697024903%3A21704386080%2CBT_a_SBS1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x600%7C300x250%7C160x600&ifi=11&didk=782529683&sfv=1-0-40&sc=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&abxe=1&dt=1696993164682&lmt=1696985964&adxs=1063&adys=3908&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&vis=1&psz=340x0&msz=340x0&fws=0&ohw=0&psts=AOrYGsmf0dTCMej4yDuM4AStpeUoMs1cv3IQ4o2gfUDrM64pDxL2i3CGjmZ6XUzr2ZzpvxCedGr3esWWGRYF8MZGgw%2CAOrYGskE-Up7dssgq9qdvFNdDyKWkHsAe4okQM0j_n83qyS1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=true&ga_cid=841859131.1696993162&a3p=EhwKDWNyd2RjbnRybC5uZXQYs-qy5bExSABSAghkEhsKDDMzYWNyb3NzLmNvbRiz6rLlsTFIAFICCGQSGQoKcHViY2lkLm9yZxjv67LlsTFIAFICCGoSGAoJeWFob28uY29tGNbusuWxMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiy6rLlsTFIAFICCGQSFwoIcnRiaG91c2UY8eyy5bExSABSAghqEj4KBW9wZW54EixleUpwSWpvaVUwSjJLMnhFZUVsUmFUSmhiRGN2UlhZd1kxaFRRVDA5SW4wPRjZ8LLlsTFIABIZCgp1aWRhcGkuY29tGLLqsuWxMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yn-6y5bExSABSAghq&dlt=1696993160364&idt=2155&prev_scp=zi-web%3Ddacota.tw%26zi-path%3D%252Fblog%252Fpost%252Fantdownload-2%26zi-partner%3DCEBU718%26zi-cwidth%3DSmall&adks=698065496&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9ca96b765316b7de34c63b5b7cb6e863924db9c94b93735e9ca3b305207ef8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16212
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1759565397619036&correlator=955316593178920&eid=31078709%2C44801493&output=ldjh&gdfp_req=1&vrg=202310090201&ptt=17&impl=fifs&iu_parts=21697024903%3A21704386080%2CBT_a_F1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C468x60%7C336x280%7C320x50%7C320x100%7C300x250&ifi=12&didk=1061932178&sfv=1-0-40&sc=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&abxe=1&dt=1696993164687&lmt=1696985964&adxs=315&adys=5861&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&psts=AOrYGsmf0dTCMej4yDuM4AStpeUoMs1cv3IQ4o2gfUDrM64pDxL2i3CGjmZ6XUzr2ZzpvxCedGr3esWWGRYF8MZGgw%2CAOrYGskE-Up7dssgq9qdvFNdDyKWkHsAe4okQM0j_n83qyS1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=true&ga_cid=841859131.1696993162&a3p=EhwKDWNyd2RjbnRybC5uZXQYs-qy5bExSABSAghkEhsKDDMzYWNyb3NzLmNvbRiz6rLlsTFIAFICCGQSGQoKcHViY2lkLm9yZxjv67LlsTFIAFICCGoSGAoJeWFob28uY29tGNbusuWxMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiy6rLlsTFIAFICCGQSFwoIcnRiaG91c2UY8eyy5bExSABSAghqEj4KBW9wZW54EixleUpwSWpvaVUwSjJLMnhFZUVsUmFUSmhiRGN2UlhZd1kxaFRRVDA5SW4wPRjZ8LLlsTFIABIZCgp1aWRhcGkuY29tGLLqsuWxMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yn-6y5bExSABSAghq&dlt=1696993160364&idt=2155&prev_scp=zi-web%3Ddacota.tw%26zi-path%3D%252Fblog%252Fpost%252Fantdownload-2%26zi-partner%3DCEBU718%26zi-cwidth%3DLarge&adks=2794108862&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dac9371851f39b7af532e12e3450a4f30f1d3545990a7902ca86a2d6c7bfe654
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11687
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1759565397619036&correlator=955316593178920&eid=31078709%2C44801493&output=ldjh&gdfp_req=1&vrg=202310090201&ptt=17&impl=fifs&iu_parts=21697024903%3A21704386080%2CBT_ar_iR_Pa1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C730x250%7C728x90%7C640x360%7C468x60%7C336x280%7C320x100%7C320x480%7C320x50%7C300x250&ifi=13&didk=2665441095&sfv=1-0-40&sc=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&abxe=1&dt=1696993164696&lmt=1696985964&adxs=197&adys=1131&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&vis=1&psz=800x0&msz=800x0&fws=0&ohw=0&psts=AOrYGsmf0dTCMej4yDuM4AStpeUoMs1cv3IQ4o2gfUDrM64pDxL2i3CGjmZ6XUzr2ZzpvxCedGr3esWWGRYF8MZGgw%2CAOrYGskE-Up7dssgq9qdvFNdDyKWkHsAe4okQM0j_n83qyS1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=true&ga_cid=841859131.1696993162&a3p=EhwKDWNyd2RjbnRybC5uZXQYs-qy5bExSABSAghkEhsKDDMzYWNyb3NzLmNvbRiz6rLlsTFIAFICCGQSGQoKcHViY2lkLm9yZxjv67LlsTFIAFICCGoSGAoJeWFob28uY29tGNbusuWxMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiy6rLlsTFIAFICCGQSFwoIcnRiaG91c2UY8eyy5bExSABSAghqEj4KBW9wZW54EixleUpwSWpvaVUwSjJLMnhFZUVsUmFUSmhiRGN2UlhZd1kxaFRRVDA5SW4wPRjZ8LLlsTFIABIZCgp1aWRhcGkuY29tGLLqsuWxMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yn-6y5bExSABSAghq&dlt=1696993160364&idt=2155&prev_scp=zi-web%3Ddacota.tw%26zi-path%3D%252Fblog%252Fpost%252Fantdownload-2%26zi-partner%3DCEBU718%26zi-cwidth%3DMedium&adks=3575641038&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01d47363c6d9daaf573997c9349b00626d85e4f5bb08f4649b62c7b7555e0e4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11466
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dacota.tw
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		38 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1759565397619036&correlator=955316593178920&eid=31078709%2C44801493&output=ldjh&gdfp_req=1&vrg=202310090201&ptt=17&impl=fifs&iu_parts=21697024903%3A21704386080%2CBT_a_SB1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C1x1%7C300x250%7C300x600&ifi=14&didk=2998117064&sfv=1-0-40&sc=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&abxe=1&dt=1696993164707&lmt=1696985964&adxs=1063&adys=1009&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&vis=1&psz=340x0&msz=340x0&fws=0&ohw=0&psts=AOrYGsmf0dTCMej4yDuM4AStpeUoMs1cv3IQ4o2gfUDrM64pDxL2i3CGjmZ6XUzr2ZzpvxCedGr3esWWGRYF8MZGgw%2CAOrYGskE-Up7dssgq9qdvFNdDyKWkHsAe4okQM0j_n83qyS1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=true&ga_cid=841859131.1696993162&a3p=EhwKDWNyd2RjbnRybC5uZXQYs-qy5bExSABSAghkEhsKDDMzYWNyb3NzLmNvbRiz6rLlsTFIAFICCGQSGQoKcHViY2lkLm9yZxjv67LlsTFIAFICCGoSGAoJeWFob28uY29tGNbusuWxMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiy6rLlsTFIAFICCGQSFwoIcnRiaG91c2UY8eyy5bExSABSAghqEj4KBW9wZW54EixleUpwSWpvaVUwSjJLMnhFZUVsUmFUSmhiRGN2UlhZd1kxaFRRVDA5SW4wPRjZ8LLlsTFIABIZCgp1aWRhcGkuY29tGLLqsuWxMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yn-6y5bExSABSAghq&dlt=1696993160364&idt=2155&prev_scp=zi-web%3Ddacota.tw%26zi-path%3D%252Fblog%252Fpost%252Fantdownload-2%26zi-partner%3DCEBU718%26zi-cwidth%3DSmall&adks=3109226947&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66f37cf0c5c97861eb339eda128793ef1f55ca51177a04cd1275964cffb70bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16129
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame E866 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdb1067cdb531b3330ed23578dce0e27f6522e8e63b5b2b962d8f9e01903de4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame E866 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 18:16:19 GMT
x-content-type-options
nosniff
age
463385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 18:16:19 GMT
bootstrap.min.js
brain.adbot.tw/js/ 		38 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://brain.adbot.tw/js/bootstrap.min.js
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.137.103 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.137.199.104.bc.googleusercontent.com
Software
/
Resource Hash
293efabe8c9d4314f5fbddbc95bf9c9d61f612a48d94d27ff3bb948522315fb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 02:59:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 May 2020 10:29:11 GMT
ETag
W/"5eb928f7-964c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
keep-alive
Expires
Wed, 11 Oct 2023 03:59:25 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame E866
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C8rISig8mZevqGburiQbAs5rYBMmrjapzhv6d8fER8daa_po6EAEgzJSJE2CVwqaCsAegAfT__-kCyAEBqQLrch_bjomyPqgDAcgDywSqBOgBT9DICcszO8suc2AY5WUiApm0Fm3c-QhEW4Y...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213505641945005481452%22,%22debug_reporting%22:true,%22destination%22:%22https://msc.com%22,%22event_report_window%22:%2225...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213505641945005481452%22,%22debug_reporting%22:true,%22destination%22:%22https://msc.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22759169012%22],%224%22:[%2210-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227387884793132239633%22}&andc=true
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"13505641945005481452","debug_reporting":true,"destination":"https://msc.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["759169012"],"4":["10-11"],"6":["true"]},"priority":"500","source_event_id":"7387884793132239633"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 11 Oct 2023 02:59:25 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 11 Oct 2023 02:59:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13505641945005481452","debug_reporting":true,"destination":"https://msc.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["759169012"],"4":["10-11"],"6":["true"]},"priority":"500","source_event_id":"7387884793132239633"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
pagead2.googlesyndication.com/bg/ Frame A2FA 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&h=250&slotname=3949631173&adk=309144408&adf=1948988595&pi=t.ma~as.3949631173&w=300&lmt=1696985962&format=300x250&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993162310&bpp=3&bdt=1946&idt=3&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1063&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MWJnRO968m&p=https%3A//dacota.tw&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 07:37:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
501729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 07:37:15 GMT
lgn.php
cat.nl3.eu.criteo.com/delivery/ Frame BB76 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=EmsZfUe0DEZWuthciO9dL2D_Iq4epP03AtLoIvC4As5wg6REO5lIEO4gbMS_mU76mLGO8TfpRqVLw648c7aootRcr0LnST7A0_DcQh9xmudkIYARah9obBGQ2lhF9TOl8J__pBfMwaPieBaT1J75jd4EuvsFdIfPJxebotXCf-vTsgv2PtDBtlvyiABqwn9uxtlR18QaYfOjo4nXF0IH2iqgrDFVT2nHJZ1w4Jvaet44azyO4YbOa2iT5BRy0PlF_GrnlukxLvxnS7u8CmKMps-rw-jCxc_f3RkxPWKu6Wi3nZgnMN7vmtWRxG6d8syTfJpuilBWEDA0PihLRo8G0vXHWgcBer3agtDzjd2GSxeqRpUHwF9FaGSMxOKiTe-NB6pPBHfLljFuPeYwygoaXDyQjyL7ZfKGWqvCcxlxiwRemcemOFRsw99Y2BetGg5U4yp1EsCtKbQXztAo7fJ3hWibTkc&z=ZSYPiwAEm_UCHkPnAAE5xeHT1S5pMyWotmNMkw&cbvp=2
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2641218
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame BB76 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=ksWCFIrGMAAAnYNiAgIAAAAJ7G-d1QbtG2oqMngQig8mZRkGtbxw39lvVqMAABIDAQoKQVFVQkFRRUJBUQ&wp=ZSYPiwAEm_UCHkPnAAE5xeHT1S5pMyWotmNMkw&cbvp=2
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:24 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
143120
server
Kestrel
content-length
0
adview
googleads.g.doubleclick.net/pagead/ Frame BB76 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cw7CJiw8mZfW3EueH-cAPxfOEyAHJntKxXPXalvdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTc3NTc4MDM3NjM1MjMyMTTIAQmpAnoQ32YYyrE-qAMBqgTYAU_QqDKF8djkyJt_4n2ZmXOCt5l03T5EC4uOpmgB-HOvZ63CiwjPvfX3F0mgoVru1t2B-U_IyVX7acUIvSq3CdTPFknIHE27JeD208cURFwpIYDr6yKpih4i-SDo-soLd5uYWtAM-J6Un_NnGGVusMk1__PcY7XFyP09MO6qVU_c8RYlaKCb5j4bMoJVb09-XRQFuY_XgZQ6EFEz-HMBxpu18fzQycj9YK_Q3nOJFmkYRKjk2Yuamos-bSbI-j7p3GvBtqj01YFPsE-PM43TnAxOV9NHf2GkBIAGke_d3vHl3rYFoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc3NTc4MDM3NjM1MjMyMTQYAA&sigh=8iSMLCgQJHA&uach_m=[UACH]&cid=CAQSPADICaaNTqKIaCcxbJioxXxZXtMGVmzOWbfIkunXBYgEM3q9lrsid09BIX7pwqg0PgwGXCLESv8PyC0c3xgB&vt=10&cbvp=2&vis=1
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 11 Oct 2023 02:59:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame BB76 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CguyYiw8mZfW3EueH-cAPxfOEyAHJntKxXPXalvdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTc3NTc4MDM3NjM1MjMyMTTIAQmpAnoQ32YYyrE-qAMByAMCqgTYAU_QqDKF8djkyJt_4n2ZmXOCt5l03T5EC4uOpmgB-HOvZ63CiwjPvfX3F0mgoVru1t2B-U_IyVX7acUIvSq3CdTPFknIHE27JeD208cURFwpIYDr6yKpih4i-SDo-soLd5uYWtAM-J6Un_NnGGVusMk1__PcY7XFyP09MO6qVU_c8RYlaKCb5j4bMoJVb09-XRQFuY_XgZQ6EFEz-HMBxpu18fzQycj9YK_Q3nOJFmkYRKjk2Yuamos-bSbI-j7p3GvBtqj01YFPsE-PM43TnAxOV9NHf2GkBIAGke_d3vHl3rYFoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc3NTc4MDM3NjM1MjMyMTQYAA&sigh=bkn6oREv0PI&uach_m=[UACH]&cid=CAQSPADICaaNTqKIaCcxbJioxXxZXtMGVmzOWbfIkunXBYgEM3q9lrsid09BIX7pwqg0PgwGXCLESv8PyC0c3xgB&cbvp=2&vis=1
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757803763523214&output=html&h=480&slotname=1378005552&adk=3114121736&adf=2073432674&pi=t.ma~as.1378005552&w=800&cr_col=4&cr_row=2&fwrn=2&lmt=1696985963&rafmt=9&format=800x480&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696993163179&bpp=2&bdt=2815&idt=2&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee86e9efb1af42d0-222db31a42df0006%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MYh5SJzixTWirA4LGwpzI2eo32nmw&gpic=UID%3D00000c94a205ae30%3AT%3D1696993161%3ART%3D1696993161%3AS%3DALNI_MauWnK3DoZUT1590tzRj7Ex9eKh4A&prev_fmts=0x0%2C300x250%2C800x280&nras=1&correlator=7798919204589&frm=20&pv=1&ga_vid=763117398.1696993162&ga_sid=1696993162&ga_hid=235679897&ga_fc=1&ga_cid=841859131.1696993162&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=197&ady=4054&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078362%2C42531705%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1759565397619036&tmod=1838353952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kVHxa5MSe4&p=https%3A//dacota.tw&dtd=67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 11 Oct 2023 02:59:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213505641945005481452%22,%22debug_reporting%22:true,%22destination%22:%22https://msc.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22759169012%22],%224%22:[%2210-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227387884793132239633%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 11 Oct 2023 02:59:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
container.html
88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FD5E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dacota.tw/blog/post/antdownload-2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:23 GMT
expires
Thu, 10 Oct 2024 02:59:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame F698 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGPGF8vkBMAE&v=APEucNXYaWKX9G3IAq0uJW-8VoB96EHxgk4rNvFDLWn72W0B8Oo4WewVA2Dbyjb5n5CQCA1LdMdaQEbuFncp2ppjdgvAuAoKbDFRr5Gb-mG1EPpaDJxbgJMHYWkQSLr5rP1UAptvuhZp1HPaL0c6p4yEDWgdJ4M7Bg3Kow5M4sjLf5y80dBT_Ws
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame FD5E 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:59:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD5E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BddfXHFuk6VUR1EJQBDAgUIk_tmpEhKRhRgWTwdG_lJzO9P6PjZoJ7Iyb6EKW6twOdVIXlWmSwzLoyR07YKdm_CaRtsgMQPoH5LmIsWeRQK0Jj5lg
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD5E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7616556678025786866&x=1&ct=76
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame FD5E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 16:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38535
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 16:17:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame FD5E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
48345
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 13:33:40 GMT
l
www.google.com/ads/measurement/ Frame FD5E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpHp2MxFZKAcR4o6-vzGxW0E4pFZQ6tI9-pwz2dHuG4YI6YyD98Czz9sPKhxRzzyH42o-utE3iZO-8_eFPK26QcB8WPA
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FD5E 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696851335058330"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:59:25 GMT
rum
dsum-sec.casalemedia.com/ Frame F698
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhXx8CQglLQyMvyvlK3j60&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhXx8CQglLQyMvyvlK3j60&google_cver=1&C=1
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhXx8CQglLQyMvyvlK3j60&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGPGF8vkBMAE&v=APEucNXYaWKX9G3IAq0uJW-8VoB96EHxgk4rNvFDLWn72W0B8Oo4WewVA2Dbyjb5n5CQCA1LdMdaQEbuFncp2ppjdgvAuAoKbDFRr5Gb-mG1EPpaDJxbgJMHYWkQSLr5rP1UAptvuhZp1HPaL0c6p4yEDWgdJ4M7Bg3Kow5M4sjLf5y80dBT_Ws
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctsnFbjtHVhVJyYtrNnN3o1EhGnYceBNI0uw9%2BrW5Hv2pd6Z0nWCefoyaHxlDxd3%2FNMHSGdbmrJZ78fXs53NXBIpLQ0R%2B3Y7WyqVtCc46h%2FIdLUKMn%2BZOjn7wozOx%2BJtDOkJg1V5dY5t1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8143d8d398e92c56-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iblHq%2BI3lpnyM4hxqRdKrIGlX2XL%2B5kempxgQRWOKBEvjSyBzxY7e3%2FdPKdDIns5kNYnLUEh0h6WvEkbqiRJB%2Bfq4FEKy5bT4WVhRYuF1qTbqJJ2%2Ffvcrf8hCGfOkpkIJoXh695k0tAARA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEGhXx8CQglLQyMvyvlK3j60&google_cver=1&C=1
cache-control
no-cache
cf-ray
8143d8d2f8962c56-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame F698
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSYPjfbL8ilQGflWJ.dabAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhXx8CQglLQyMvyvlK3j60&google_cver=1&google_hm=2
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhXx8CQglLQyMvyvlK3j60&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGPGF8vkBMAE&v=APEucNXYaWKX9G3IAq0uJW-8VoB96EHxgk4rNvFDLWn72W0B8Oo4WewVA2Dbyjb5n5CQCA1LdMdaQEbuFncp2ppjdgvAuAoKbDFRr5Gb-mG1EPpaDJxbgJMHYWkQSLr5rP1UAptvuhZp1HPaL0c6p4yEDWgdJ4M7Bg3Kow5M4sjLf5y80dBT_Ws
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JYSUCjyVRSK4Uk%2Flh7bHeDSbG1JiYXNvfqAAc5iboBc7Hc0Cgi1xoROnMOfq%2BluwMIeUoye%2Bt76CqcSqYi1l7Q86GCB0ZSeJE1UV9OaUucde0Zqq2sY9jORRjPksfKM6JIhq9XRrbDhOg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8143d8d4feeb914c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhXx8CQglLQyMvyvlK3j60&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame F698
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENNGtaSz8eHHcbWIUJK_OY0&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENNGtaSz8eHHcbWIUJK_OY0%26google_cver%3D1
43 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENNGtaSz8eHHcbWIUJK_OY0%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGPGF8vkBMAE&v=APEucNXYaWKX9G3IAq0uJW-8VoB96EHxgk4rNvFDLWn72W0B8Oo4WewVA2Dbyjb5n5CQCA1LdMdaQEbuFncp2ppjdgvAuAoKbDFRr5Gb-mG1EPpaDJxbgJMHYWkQSLr5rP1UAptvuhZp1HPaL0c6p4yEDWgdJ4M7Bg3Kow5M4sjLf5y80dBT_Ws
Protocol
H2
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
an-x-request-uuid
76467cef-432b-4bfa-a0a0-ece14257ba83
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.107; 80.255.7.107; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
an-x-request-uuid
063e10fe-6d4b-4ec2-b250-73b79046c325
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENNGtaSz8eHHcbWIUJK_OY0%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.107; 80.255.7.107; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F698
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2NTMyMTE1NzY4OTg3OTM1NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2NTMyMTE1NzY4OTg3OTM1NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGPGF8vkBMAE&v=APEucNXYaWKX9G3IAq0uJW-8VoB96EHxgk4rNvFDLWn72W0B8Oo4WewVA2Dbyjb5n5CQCA1LdMdaQEbuFncp2ppjdgvAuAoKbDFRr5Gb-mG1EPpaDJxbgJMHYWkQSLr5rP1UAptvuhZp1HPaL0c6p4yEDWgdJ4M7Bg3Kow5M4sjLf5y80dBT_Ws
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
an-x-request-uuid
67b7be2d-028a-4dbc-8767-38f3619b2137
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2NTMyMTE1NzY4OTg3OTM1NA%3D%3D
x-proxy-origin
80.255.7.107; 80.255.7.107; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD5E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3073541142486&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD5E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3073541142486&version=m202309260101&ct=76&x=1&cor=7616556678025786000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame FD5E 		90 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzAPj-DpdUykLZYcO8kgMjrReBgc8eJr6kxcP3Bo57uSxVF-S_jzZWdKjg4js0bLG36PsBkOnicJKJ1LXQf7Qd0GZ2zw&cry=1&dbm_d=AKAmf-DPTg86stf7-gLuBZ_y4426_DWUVSrrLagOc-Jx7Q6zt1VX62UHWZUWFtJzLgbBq7nABcokL0FOrwJNsU8ila72HEdq9MUqkzfOhSoMgx5EOOE6cJC2yJLP6DfQUwmjPWOvI9GjC7ap7a9d99UdukkuRHYc_ohxae4FENvhkLs9jHRxtyU7GHwZYvQoHwdM5wOz5diiyTQIAGz-RCnPYPVoBSOLFIht3UghuU19uDqq0BuWTP6c0N5T5vjSwqNjiJmxaUx4b7VCMp3WSpOiv8kTpR8P6eP2JYDhiqS3oyPyHv2dG9ooD_17T9vw5nn1feh4aHilwX_iaFMK64ortbhNw9DFKDmIrm-XIIVM3pIDaIqLaUa_Yj_T1mvJOlNTSMZG6hkWsBeksOL1Vbazx3RTC4QlmFjJzxfw1pBcMACEzDel9FBQZa1AOGmBQhFT6KzAifPBBjQ_2jvYbEjE3iCCPnp9KZiCVfz8g7W5If-y3xtcsot1n7sprZGlK-jbtV7bGoM40d1sKZJBXTJIJkJGrjUEkVqO8BuhQGaYAMpm3w2AxluzbZZWdoSlZZHMyVQKDHGB0lQFdTCEKMG9x3y-xmBWg7R5uPNpQndg1GtLeCtJaTkD3k_pHEd5hQYptWehUpbPzLsepmNuz82CaS9k3SyqyTouv88l-fTHSddimYt5loYrf8Xuo3erzuZUeR8UhkF5zvp2VX3THScKmL3dZUZpioHrQEmw3S0AsOixeVF6tV9hgI1nE3GhfjwmF3nPL8C0YRFOJGxG-l8jI4B3NoJ7-yx_HU20teyrAhseGDNRSLI5SBGjweALWA9VJnEeKiIlcifKtzJ8DNezIVUPoviRSt934Eu06q725LeLuoyPTdWeV6gYnKN8MyD2cOUzf2pwB9ro409kZYCtVoCFlGDQpiqdAcuCqudG0lqfI3Z4_K7bzCXwd4y9jB4MGiMK5wuOeUO22D_r6nJo41tqVIeBMBCZHoxu0--wGnx7UMXwvVCY7nI-8dINvSirDgsoAFYGqgJqi7BFJhclgg4SOVRRlbhLEEi7LtARe2UzGRtHqtq2a0-WnDYoAuZ3Z5KjuKiLro2OGHQXhq2rYpC_JVJOMgjg2ocZhsgTPv0wKkTOb6FmBqaTEfVcrg9GOeNzJajxtxI51sKzx-IAlV6PJcSwbgBRrgVkEwp2-i_D-fh4bdet4h57o-B9GRcYUknXOyXpPG9kyIYiyHv3K9N2WErvrN3spovgiCjnoVSoU53h8CrxNscXQs0BDkxSc2L0YKtBAGQPR1QFc9ghR7NmUOW0NLZSVYdB53HYvZFPRaCq2R4PgNmIiEezPh_jyjDuofGCdusTHEIBOMWdjHqnnuOBhnEmYKiNiLjL8Hd3TQS7xDE5c1EYsHMDXsm9m_2E88tswTbK6BAri80aCxbEpJGDFcURHXukkDRIR6PBZWLj-nh0_KkPkE-4qX2iFSq8feCvFli_0NBFsjrkgIslCD2mUz3v7orIgS4W61sJk9jBJS49dQ0tjIguyWKxso2uYdaXQ345UfKj0pber3IEyjsXGOCK1guMLhY56B83mgCnljJxx76-nDFdx-uWBrrI7UsM9-hk64ktGFuIsOFvDtHapOJdc1F0Nwp4k5--w9OPfuhJ5FXdYWAPdZAInFAyfFzsLcTTCy3E0q82xcNU-g7pTL48jrBoPrDFa9_M-GapfWvKrTActdAGLV17HGeUUMZVcNebi3zE5qbz2Bbxb-VxXUfIA15QeEADJsrZ3BcLJmc0Yay7U8vRwtlr7UWu_UvRKgom_IWh-Q5rXM1o1tAvJDwU44xqxoAs9jMqtvlgXc1HD0gm1UHaK5H5Qoh9WewbdEB5FyFBwjoG4sIgjCXdkiHI0pA6FLxsogjpZfkZBe0lD6DExyKCv9Sa8Skj3o1fA4ThTw9IOEmYvnO-Xqul1tLtlZ7JN9mukwiULN__wAoyUmvfG-75Ld6yfhcmlvD9ZAYayo5lTE1Jv1mUcVohVm5gkxXNUkp-E7FKYzwJs2X2OajMZ6MEm90aHXY_7cUByJwaoSKdph4NIF67zyu00Pexf3PuaUn53wxOvKfAycVMsdRP1c3MiUD7QdkGHgn-2SeLXgMf2TROqIkkupS0McpnlMI7L8JHoiroHyqxKhT0GEe7tOCALLUTJrwhx-rvIRXvO5siWI4XH3LxojXGt13Facz0-gH1Q_aVDjT-AyYzXGMgFWfNWhfZlYxQBiyuK7ftiZ5O5S3z3A5u8hWxBqIrKnP8o1wwvKN3FhrQ1TdSF0byCuWuSAPw_kEMdWSDwljX4bCs5r0FSB6MkU1SVVZDxnOKg_crLl8KTFbdMC108zy330RjohJbWp_QhNZYjCEIqalnEzCFHwYtlJdPj_fYe-ueZ9l-D0ISeRA7iBl8ROoKwvrriuQ147jXuTzIJmELhI9kD4xGjeTBoyvrtIAWO-N_oMhNc3X0sIBkQvMQDbvQRZUUNbCJ-HmDIJsR4UxhT34hTVQF9NQpeR93UuvaBNgQzBrR3znIfw6RMA4uP3wjlvYLHbn_ZV-iwf5C9xXmoWtqzcVTSTg4s_ppmY0IpNE_nKm7yofhmkYmQfV48nVuJX72_eefI6zqykFnBdT9duasIdEujHRbG0B3eNyU-wdiTCzckAMQW-6OEYIknhBgXHLouVlWHh27HJ1g_w9TcoY5uyTWryKGyfG7rpANs8pZgV8JCScpwchADuEMBIgU-mg921AiKm2FJuXlFoE7hG-ZERDK36C1jXlLLqafYeAfiV_ytbC2yOr-BZINASuavs_pSsDkQr8CHhFMoJSvtGK--rZ2bzTGzcmtQaWxyE5NbWBZm1KSqb3WU2nu9lYnhRhz35SSj5r9ol_USWtAg5KU8YuAJcnfnbmkbU1ACc3ejcRRkpNHnp3xXxnEE7saQfjaPDYOv_JoAMeuu7-tulTeLAUlLvqKUZ7MJATOk0zeQvP587m7ZhSAjajLsCvJHMlhUfLmwWUFAyeeW-5loISUsjLeljCebjJ9Qtuq99S7fFOyOizQscwDoCP8i6XaBAHGxZitUUAPXOTx9Cl6JKgCCKHOFHYWEAB2d7gPa3Rx9NEikqVCQIJ6sg5UvCjm_EVV3R5-VndH6W8JLDusrRINZkedesTKQ1DYJomctRq5ePUQ40saeEyN9ofpdqVcvLGLmcxOOGKSr-K6UDYY4zawIl_IZuK4m02qDCLEEQvN4eWsDSx14Wiym1IpD5h_3Pm5pUztfgiQOboyYSY9yVWXxVnBylyQkSmPO8CHgOo97MJMdCiwpsX2A1Q72Dd6stp7VzmUueGGVL2jDMfi2FA3G7mFg7p545uGINoMxMWBsgueyMV-gt7M3fGXt0FcINOKTA67GJip5ysoRRxUOxszqOsK-LqJRXkTjKQIpkrfIbERBl5c7RkTxm3j0GvabVVKCCVCqJf1vA_jW2T8WkjNippL8WQyQyaTLcUYQkNmF7VNJBwfs5hLJH2W2_Nugq1I1oBN48MPrxt6RnVnCLL9ExeP2eDRAdCGvunATsWOjD8T5NCfhhSHrBvHRLg8TOQbqzglX0ER_X699WFK-Kgcda__-mKwanaAhpGZ86lJNCu9Bk-fLRdTCsQL5kQZUXEFOVn5lqF3ywCmI6yAdnOpn5ks-t_UG9ELdI-N0gA1KSdNpZNoNhPkD5KmAWTQVj7S0rHio2Wp2LPU-4CZRnzUkR7tRK__71glcbFyWqI6Uedg2N_551S47BfMpaUkts7zPya7y3sC-rbgndgfJ0VwmnYiuGcTHqFBw-SO8dOb22R9wVcTOltwoQXVPjVmf8WRNf11Lg6md0LM7N-KSc0IbGBhTQdvc4FQS5orA8uI3G3p9JcPFk_iR6LPbPkRCBuh-o1Y7Pm_c0wOf4RTUc0EPt4IfY8RfProVpdR1_Al4pzPPMoh-xv4q6jHSES2XoviclCfJASVfxB65rn4fZhb5xmdB96d9GuABw&cid=CAQSPADICaaN9-3rPptevKun5wyxvUk-hb3gjXJSfqsxPQgievfwn0xCAtPEF7pQnuyuM_eN3MSRuMCXEc8cNhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&ds=l&xdt=1&iif=1&cor=7616556678025786000&adk=3944675600&idt=72&cac=0&dtd=25
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e89a9ff7ad9a1a5b728025b665eb20e7deabbd54b58263f066ab92bcd882e323
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38700
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 76FF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dacota.tw/blog/post/antdownload-2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:23 GMT
expires
Thu, 10 Oct 2024 02:59:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dr
as.ad4m.at/ad/ Frame 1F08 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gyvfq4t6hy68pqys6rrxf1j7zcpfgy6z7z6ps96vnek9zrbv4m09610kgr3dq5yx3e7cv2jp6h57m7t8pp8b1gq711m9b7832py9ezdev4szeh25zq2b6j2hg7p0gv8ehp3nchv9jge3jp0sxtzep8t62rbr688jeb962834x2033z1wynn3hjvf44xbn85rv50bzqt3qb6mn5ac26dr77btjdw85x2pxa8cck5svxrek2mrsxbbmn7x47frefbew2wxw0qkxbh8d5x24y6z6mcfw67nwy5nb5qh21pvhq9gw40m9m789r910h2p12wk9ce1v9fe4dvsy48qcx9sy6knzpxjas8pcqhefvj2eqmr0c8a41q6tse6brzr1mc3w2r5492pvmqv8gqd0mc8ff12f9fja7dnhemwp1saq7015yxekgcmn46p47975sbngd126zzst5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%26client%3Dca-pub-7968146525597976%26adurl%3D
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4e9389b6af83ded8a4808180236576e595f4758ce61c02f4d0b07fce20e6496
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8143d8d3ca0e1911-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:25 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 76FF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 16:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38535
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 16:17:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E72C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68640
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Wed, 11 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 76FF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
48345
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 13:33:40 GMT
l
www.google.com/ads/measurement/ Frame 76FF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTb1IbOM3xB3LheATpFz38cRQReUfQf02Nn9mBVTnCqCdZd13Tb-4o0cLEAl9aJ4GEO_TIHhcTu_yAIBPtU0niW3Nu_LQ
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 76FF 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
419116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 05 Oct 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 76FF 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696851335058330"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:59:25 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame FD5E 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
Origin
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 07:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 07:03:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame FD5E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzAPj-DpdUykLZYcO8kgMjrReBgc8eJr6kxcP3Bo57uSxVF-S_jzZWdKjg4js0bLG36PsBkOnicJKJ1LXQf7Qd0GZ2zw&cry=1&dbm_d=AKAmf-DPTg86stf7-gLuBZ_y4426_DWUVSrrLagOc-Jx7Q6zt1VX62UHWZUWFtJzLgbBq7nABcokL0FOrwJNsU8ila72HEdq9MUqkzfOhSoMgx5EOOE6cJC2yJLP6DfQUwmjPWOvI9GjC7ap7a9d99UdukkuRHYc_ohxae4FENvhkLs9jHRxtyU7GHwZYvQoHwdM5wOz5diiyTQIAGz-RCnPYPVoBSOLFIht3UghuU19uDqq0BuWTP6c0N5T5vjSwqNjiJmxaUx4b7VCMp3WSpOiv8kTpR8P6eP2JYDhiqS3oyPyHv2dG9ooD_17T9vw5nn1feh4aHilwX_iaFMK64ortbhNw9DFKDmIrm-XIIVM3pIDaIqLaUa_Yj_T1mvJOlNTSMZG6hkWsBeksOL1Vbazx3RTC4QlmFjJzxfw1pBcMACEzDel9FBQZa1AOGmBQhFT6KzAifPBBjQ_2jvYbEjE3iCCPnp9KZiCVfz8g7W5If-y3xtcsot1n7sprZGlK-jbtV7bGoM40d1sKZJBXTJIJkJGrjUEkVqO8BuhQGaYAMpm3w2AxluzbZZWdoSlZZHMyVQKDHGB0lQFdTCEKMG9x3y-xmBWg7R5uPNpQndg1GtLeCtJaTkD3k_pHEd5hQYptWehUpbPzLsepmNuz82CaS9k3SyqyTouv88l-fTHSddimYt5loYrf8Xuo3erzuZUeR8UhkF5zvp2VX3THScKmL3dZUZpioHrQEmw3S0AsOixeVF6tV9hgI1nE3GhfjwmF3nPL8C0YRFOJGxG-l8jI4B3NoJ7-yx_HU20teyrAhseGDNRSLI5SBGjweALWA9VJnEeKiIlcifKtzJ8DNezIVUPoviRSt934Eu06q725LeLuoyPTdWeV6gYnKN8MyD2cOUzf2pwB9ro409kZYCtVoCFlGDQpiqdAcuCqudG0lqfI3Z4_K7bzCXwd4y9jB4MGiMK5wuOeUO22D_r6nJo41tqVIeBMBCZHoxu0--wGnx7UMXwvVCY7nI-8dINvSirDgsoAFYGqgJqi7BFJhclgg4SOVRRlbhLEEi7LtARe2UzGRtHqtq2a0-WnDYoAuZ3Z5KjuKiLro2OGHQXhq2rYpC_JVJOMgjg2ocZhsgTPv0wKkTOb6FmBqaTEfVcrg9GOeNzJajxtxI51sKzx-IAlV6PJcSwbgBRrgVkEwp2-i_D-fh4bdet4h57o-B9GRcYUknXOyXpPG9kyIYiyHv3K9N2WErvrN3spovgiCjnoVSoU53h8CrxNscXQs0BDkxSc2L0YKtBAGQPR1QFc9ghR7NmUOW0NLZSVYdB53HYvZFPRaCq2R4PgNmIiEezPh_jyjDuofGCdusTHEIBOMWdjHqnnuOBhnEmYKiNiLjL8Hd3TQS7xDE5c1EYsHMDXsm9m_2E88tswTbK6BAri80aCxbEpJGDFcURHXukkDRIR6PBZWLj-nh0_KkPkE-4qX2iFSq8feCvFli_0NBFsjrkgIslCD2mUz3v7orIgS4W61sJk9jBJS49dQ0tjIguyWKxso2uYdaXQ345UfKj0pber3IEyjsXGOCK1guMLhY56B83mgCnljJxx76-nDFdx-uWBrrI7UsM9-hk64ktGFuIsOFvDtHapOJdc1F0Nwp4k5--w9OPfuhJ5FXdYWAPdZAInFAyfFzsLcTTCy3E0q82xcNU-g7pTL48jrBoPrDFa9_M-GapfWvKrTActdAGLV17HGeUUMZVcNebi3zE5qbz2Bbxb-VxXUfIA15QeEADJsrZ3BcLJmc0Yay7U8vRwtlr7UWu_UvRKgom_IWh-Q5rXM1o1tAvJDwU44xqxoAs9jMqtvlgXc1HD0gm1UHaK5H5Qoh9WewbdEB5FyFBwjoG4sIgjCXdkiHI0pA6FLxsogjpZfkZBe0lD6DExyKCv9Sa8Skj3o1fA4ThTw9IOEmYvnO-Xqul1tLtlZ7JN9mukwiULN__wAoyUmvfG-75Ld6yfhcmlvD9ZAYayo5lTE1Jv1mUcVohVm5gkxXNUkp-E7FKYzwJs2X2OajMZ6MEm90aHXY_7cUByJwaoSKdph4NIF67zyu00Pexf3PuaUn53wxOvKfAycVMsdRP1c3MiUD7QdkGHgn-2SeLXgMf2TROqIkkupS0McpnlMI7L8JHoiroHyqxKhT0GEe7tOCALLUTJrwhx-rvIRXvO5siWI4XH3LxojXGt13Facz0-gH1Q_aVDjT-AyYzXGMgFWfNWhfZlYxQBiyuK7ftiZ5O5S3z3A5u8hWxBqIrKnP8o1wwvKN3FhrQ1TdSF0byCuWuSAPw_kEMdWSDwljX4bCs5r0FSB6MkU1SVVZDxnOKg_crLl8KTFbdMC108zy330RjohJbWp_QhNZYjCEIqalnEzCFHwYtlJdPj_fYe-ueZ9l-D0ISeRA7iBl8ROoKwvrriuQ147jXuTzIJmELhI9kD4xGjeTBoyvrtIAWO-N_oMhNc3X0sIBkQvMQDbvQRZUUNbCJ-HmDIJsR4UxhT34hTVQF9NQpeR93UuvaBNgQzBrR3znIfw6RMA4uP3wjlvYLHbn_ZV-iwf5C9xXmoWtqzcVTSTg4s_ppmY0IpNE_nKm7yofhmkYmQfV48nVuJX72_eefI6zqykFnBdT9duasIdEujHRbG0B3eNyU-wdiTCzckAMQW-6OEYIknhBgXHLouVlWHh27HJ1g_w9TcoY5uyTWryKGyfG7rpANs8pZgV8JCScpwchADuEMBIgU-mg921AiKm2FJuXlFoE7hG-ZERDK36C1jXlLLqafYeAfiV_ytbC2yOr-BZINASuavs_pSsDkQr8CHhFMoJSvtGK--rZ2bzTGzcmtQaWxyE5NbWBZm1KSqb3WU2nu9lYnhRhz35SSj5r9ol_USWtAg5KU8YuAJcnfnbmkbU1ACc3ejcRRkpNHnp3xXxnEE7saQfjaPDYOv_JoAMeuu7-tulTeLAUlLvqKUZ7MJATOk0zeQvP587m7ZhSAjajLsCvJHMlhUfLmwWUFAyeeW-5loISUsjLeljCebjJ9Qtuq99S7fFOyOizQscwDoCP8i6XaBAHGxZitUUAPXOTx9Cl6JKgCCKHOFHYWEAB2d7gPa3Rx9NEikqVCQIJ6sg5UvCjm_EVV3R5-VndH6W8JLDusrRINZkedesTKQ1DYJomctRq5ePUQ40saeEyN9ofpdqVcvLGLmcxOOGKSr-K6UDYY4zawIl_IZuK4m02qDCLEEQvN4eWsDSx14Wiym1IpD5h_3Pm5pUztfgiQOboyYSY9yVWXxVnBylyQkSmPO8CHgOo97MJMdCiwpsX2A1Q72Dd6stp7VzmUueGGVL2jDMfi2FA3G7mFg7p545uGINoMxMWBsgueyMV-gt7M3fGXt0FcINOKTA67GJip5ysoRRxUOxszqOsK-LqJRXkTjKQIpkrfIbERBl5c7RkTxm3j0GvabVVKCCVCqJf1vA_jW2T8WkjNippL8WQyQyaTLcUYQkNmF7VNJBwfs5hLJH2W2_Nugq1I1oBN48MPrxt6RnVnCLL9ExeP2eDRAdCGvunATsWOjD8T5NCfhhSHrBvHRLg8TOQbqzglX0ER_X699WFK-Kgcda__-mKwanaAhpGZ86lJNCu9Bk-fLRdTCsQL5kQZUXEFOVn5lqF3ywCmI6yAdnOpn5ks-t_UG9ELdI-N0gA1KSdNpZNoNhPkD5KmAWTQVj7S0rHio2Wp2LPU-4CZRnzUkR7tRK__71glcbFyWqI6Uedg2N_551S47BfMpaUkts7zPya7y3sC-rbgndgfJ0VwmnYiuGcTHqFBw-SO8dOb22R9wVcTOltwoQXVPjVmf8WRNf11Lg6md0LM7N-KSc0IbGBhTQdvc4FQS5orA8uI3G3p9JcPFk_iR6LPbPkRCBuh-o1Y7Pm_c0wOf4RTUc0EPt4IfY8RfProVpdR1_Al4pzPPMoh-xv4q6jHSES2XoviclCfJASVfxB65rn4fZhb5xmdB96d9GuABw&cid=CAQSPADICaaN9-3rPptevKun5wyxvUk-hb3gjXJSfqsxPQgievfwn0xCAtPEF7pQnuyuM_eN3MSRuMCXEc8cNhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&ds=l&xdt=1&iif=1&cor=7616556678025786000&adk=3944675600&idt=72&cac=0&dtd=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
47734
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 13:43:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame FD5E 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzAPj-DpdUykLZYcO8kgMjrReBgc8eJr6kxcP3Bo57uSxVF-S_jzZWdKjg4js0bLG36PsBkOnicJKJ1LXQf7Qd0GZ2zw&cry=1&dbm_d=AKAmf-DPTg86stf7-gLuBZ_y4426_DWUVSrrLagOc-Jx7Q6zt1VX62UHWZUWFtJzLgbBq7nABcokL0FOrwJNsU8ila72HEdq9MUqkzfOhSoMgx5EOOE6cJC2yJLP6DfQUwmjPWOvI9GjC7ap7a9d99UdukkuRHYc_ohxae4FENvhkLs9jHRxtyU7GHwZYvQoHwdM5wOz5diiyTQIAGz-RCnPYPVoBSOLFIht3UghuU19uDqq0BuWTP6c0N5T5vjSwqNjiJmxaUx4b7VCMp3WSpOiv8kTpR8P6eP2JYDhiqS3oyPyHv2dG9ooD_17T9vw5nn1feh4aHilwX_iaFMK64ortbhNw9DFKDmIrm-XIIVM3pIDaIqLaUa_Yj_T1mvJOlNTSMZG6hkWsBeksOL1Vbazx3RTC4QlmFjJzxfw1pBcMACEzDel9FBQZa1AOGmBQhFT6KzAifPBBjQ_2jvYbEjE3iCCPnp9KZiCVfz8g7W5If-y3xtcsot1n7sprZGlK-jbtV7bGoM40d1sKZJBXTJIJkJGrjUEkVqO8BuhQGaYAMpm3w2AxluzbZZWdoSlZZHMyVQKDHGB0lQFdTCEKMG9x3y-xmBWg7R5uPNpQndg1GtLeCtJaTkD3k_pHEd5hQYptWehUpbPzLsepmNuz82CaS9k3SyqyTouv88l-fTHSddimYt5loYrf8Xuo3erzuZUeR8UhkF5zvp2VX3THScKmL3dZUZpioHrQEmw3S0AsOixeVF6tV9hgI1nE3GhfjwmF3nPL8C0YRFOJGxG-l8jI4B3NoJ7-yx_HU20teyrAhseGDNRSLI5SBGjweALWA9VJnEeKiIlcifKtzJ8DNezIVUPoviRSt934Eu06q725LeLuoyPTdWeV6gYnKN8MyD2cOUzf2pwB9ro409kZYCtVoCFlGDQpiqdAcuCqudG0lqfI3Z4_K7bzCXwd4y9jB4MGiMK5wuOeUO22D_r6nJo41tqVIeBMBCZHoxu0--wGnx7UMXwvVCY7nI-8dINvSirDgsoAFYGqgJqi7BFJhclgg4SOVRRlbhLEEi7LtARe2UzGRtHqtq2a0-WnDYoAuZ3Z5KjuKiLro2OGHQXhq2rYpC_JVJOMgjg2ocZhsgTPv0wKkTOb6FmBqaTEfVcrg9GOeNzJajxtxI51sKzx-IAlV6PJcSwbgBRrgVkEwp2-i_D-fh4bdet4h57o-B9GRcYUknXOyXpPG9kyIYiyHv3K9N2WErvrN3spovgiCjnoVSoU53h8CrxNscXQs0BDkxSc2L0YKtBAGQPR1QFc9ghR7NmUOW0NLZSVYdB53HYvZFPRaCq2R4PgNmIiEezPh_jyjDuofGCdusTHEIBOMWdjHqnnuOBhnEmYKiNiLjL8Hd3TQS7xDE5c1EYsHMDXsm9m_2E88tswTbK6BAri80aCxbEpJGDFcURHXukkDRIR6PBZWLj-nh0_KkPkE-4qX2iFSq8feCvFli_0NBFsjrkgIslCD2mUz3v7orIgS4W61sJk9jBJS49dQ0tjIguyWKxso2uYdaXQ345UfKj0pber3IEyjsXGOCK1guMLhY56B83mgCnljJxx76-nDFdx-uWBrrI7UsM9-hk64ktGFuIsOFvDtHapOJdc1F0Nwp4k5--w9OPfuhJ5FXdYWAPdZAInFAyfFzsLcTTCy3E0q82xcNU-g7pTL48jrBoPrDFa9_M-GapfWvKrTActdAGLV17HGeUUMZVcNebi3zE5qbz2Bbxb-VxXUfIA15QeEADJsrZ3BcLJmc0Yay7U8vRwtlr7UWu_UvRKgom_IWh-Q5rXM1o1tAvJDwU44xqxoAs9jMqtvlgXc1HD0gm1UHaK5H5Qoh9WewbdEB5FyFBwjoG4sIgjCXdkiHI0pA6FLxsogjpZfkZBe0lD6DExyKCv9Sa8Skj3o1fA4ThTw9IOEmYvnO-Xqul1tLtlZ7JN9mukwiULN__wAoyUmvfG-75Ld6yfhcmlvD9ZAYayo5lTE1Jv1mUcVohVm5gkxXNUkp-E7FKYzwJs2X2OajMZ6MEm90aHXY_7cUByJwaoSKdph4NIF67zyu00Pexf3PuaUn53wxOvKfAycVMsdRP1c3MiUD7QdkGHgn-2SeLXgMf2TROqIkkupS0McpnlMI7L8JHoiroHyqxKhT0GEe7tOCALLUTJrwhx-rvIRXvO5siWI4XH3LxojXGt13Facz0-gH1Q_aVDjT-AyYzXGMgFWfNWhfZlYxQBiyuK7ftiZ5O5S3z3A5u8hWxBqIrKnP8o1wwvKN3FhrQ1TdSF0byCuWuSAPw_kEMdWSDwljX4bCs5r0FSB6MkU1SVVZDxnOKg_crLl8KTFbdMC108zy330RjohJbWp_QhNZYjCEIqalnEzCFHwYtlJdPj_fYe-ueZ9l-D0ISeRA7iBl8ROoKwvrriuQ147jXuTzIJmELhI9kD4xGjeTBoyvrtIAWO-N_oMhNc3X0sIBkQvMQDbvQRZUUNbCJ-HmDIJsR4UxhT34hTVQF9NQpeR93UuvaBNgQzBrR3znIfw6RMA4uP3wjlvYLHbn_ZV-iwf5C9xXmoWtqzcVTSTg4s_ppmY0IpNE_nKm7yofhmkYmQfV48nVuJX72_eefI6zqykFnBdT9duasIdEujHRbG0B3eNyU-wdiTCzckAMQW-6OEYIknhBgXHLouVlWHh27HJ1g_w9TcoY5uyTWryKGyfG7rpANs8pZgV8JCScpwchADuEMBIgU-mg921AiKm2FJuXlFoE7hG-ZERDK36C1jXlLLqafYeAfiV_ytbC2yOr-BZINASuavs_pSsDkQr8CHhFMoJSvtGK--rZ2bzTGzcmtQaWxyE5NbWBZm1KSqb3WU2nu9lYnhRhz35SSj5r9ol_USWtAg5KU8YuAJcnfnbmkbU1ACc3ejcRRkpNHnp3xXxnEE7saQfjaPDYOv_JoAMeuu7-tulTeLAUlLvqKUZ7MJATOk0zeQvP587m7ZhSAjajLsCvJHMlhUfLmwWUFAyeeW-5loISUsjLeljCebjJ9Qtuq99S7fFOyOizQscwDoCP8i6XaBAHGxZitUUAPXOTx9Cl6JKgCCKHOFHYWEAB2d7gPa3Rx9NEikqVCQIJ6sg5UvCjm_EVV3R5-VndH6W8JLDusrRINZkedesTKQ1DYJomctRq5ePUQ40saeEyN9ofpdqVcvLGLmcxOOGKSr-K6UDYY4zawIl_IZuK4m02qDCLEEQvN4eWsDSx14Wiym1IpD5h_3Pm5pUztfgiQOboyYSY9yVWXxVnBylyQkSmPO8CHgOo97MJMdCiwpsX2A1Q72Dd6stp7VzmUueGGVL2jDMfi2FA3G7mFg7p545uGINoMxMWBsgueyMV-gt7M3fGXt0FcINOKTA67GJip5ysoRRxUOxszqOsK-LqJRXkTjKQIpkrfIbERBl5c7RkTxm3j0GvabVVKCCVCqJf1vA_jW2T8WkjNippL8WQyQyaTLcUYQkNmF7VNJBwfs5hLJH2W2_Nugq1I1oBN48MPrxt6RnVnCLL9ExeP2eDRAdCGvunATsWOjD8T5NCfhhSHrBvHRLg8TOQbqzglX0ER_X699WFK-Kgcda__-mKwanaAhpGZ86lJNCu9Bk-fLRdTCsQL5kQZUXEFOVn5lqF3ywCmI6yAdnOpn5ks-t_UG9ELdI-N0gA1KSdNpZNoNhPkD5KmAWTQVj7S0rHio2Wp2LPU-4CZRnzUkR7tRK__71glcbFyWqI6Uedg2N_551S47BfMpaUkts7zPya7y3sC-rbgndgfJ0VwmnYiuGcTHqFBw-SO8dOb22R9wVcTOltwoQXVPjVmf8WRNf11Lg6md0LM7N-KSc0IbGBhTQdvc4FQS5orA8uI3G3p9JcPFk_iR6LPbPkRCBuh-o1Y7Pm_c0wOf4RTUc0EPt4IfY8RfProVpdR1_Al4pzPPMoh-xv4q6jHSES2XoviclCfJASVfxB65rn4fZhb5xmdB96d9GuABw&cid=CAQSPADICaaN9-3rPptevKun5wyxvUk-hb3gjXJSfqsxPQgievfwn0xCAtPEF7pQnuyuM_eN3MSRuMCXEc8cNhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&ds=l&xdt=1&iif=1&cor=7616556678025786000&adk=3944675600&idt=72&cac=0&dtd=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
46925
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 13:57:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FD5E 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
417661
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 06:58:24 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 84ED 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68640
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Wed, 11 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FD5E 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce5be1266bcc413dfb04d3018c10f3fa33d87343085e6d8ff7b5ac7dd5ca56a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame B8EB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvaqEk8RtLbifXuyVWC4VY4M9UJIdRHsIMyQfOI3pduQjCQSbryZhsMXvg3Dx-R8yy3Kx1sIZ2yZVCW1XIzasFJJZ40AWgSYyhaXwLF2SxcjM85ch0ugW3kwyGJxts&sig=Cg0ArKJSzLC6NwNJCH9nEAE&id=lidar2&mcvt=1028&p=564,1063,814,1363&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20231009&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1421777645&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1696993163673&rpt=671&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 76FF 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d726cbd0bfd16142c9a1aaed67e4a2639e60221234471be756eef1ae5ef81c39

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
google
match.adsrvr.org/track/cmf/ Frame E72C 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEF7-5PD-7lRSv1HT9cJF2Ck&google_cver=1&google_push=AXcoOmTSWUS5EBVSox8wfgwN015tqhQY-r63VwUf6T36SX8JSTrNiMxV21la_Fau70Y2bNuuq7_-PHHor_e97kJeCcUdMeDpa_0y
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame E72C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHVFUK2tbNO84gbiG9MBU_8&google_cver=1&google_push=AXcoOmRy5gsy5atuuhLctftyZsvPLyss2dqbu-4HUrfpNQHtFPR7jjAAXkKomxHJJYlatj6G5zdNE5B-oBvENW...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4ODUzMDE0NTIxODE5NzY2MQ%3D%3D&google_push=AXcoOmRy5gsy5atuuhLctftyZsvPLyss2dqbu-4HUrfpNQHtFPR7jjAAXkKomxHJJYlatj6G5zdNE5B-oBvENWTxYA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4ODUzMDE0NTIxODE5NzY2MQ%3D%3D&google_push=AXcoOmRy5gsy5atuuhLctftyZsvPLyss2dqbu-4HUrfpNQHtFPR7jjAAXkKomxHJJYlatj6G5zdNE5B-oBvENWTxYAxsPdba_ZA
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4ODUzMDE0NTIxODE5NzY2MQ%3D%3D&google_push=AXcoOmRy5gsy5atuuhLctftyZsvPLyss2dqbu-4HUrfpNQHtFPR7jjAAXkKomxHJJYlatj6G5zdNE5B-oBvENWTxYAxsPdba_ZA
Date
Wed, 11 Oct 2023 02:59:25 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame E72C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTGyW...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-dVwyAasaLT_ndxHHUMBKrYEN1U0xXhB64U79Ng&google_push=AXcoOmTGyW28Kg5olwDPxDce4Bz4NWEtE1t0ch8MNrOgWlt7uSolHUp9pZfNCi69F5xrUG_1ZZ6c_hlP9Epk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-dVwyAasaLT_ndxHHUMBKrYEN1U0xXhB64U79Ng&google_push=AXcoOmTGyW28Kg5olwDPxDce4Bz4NWEtE1t0ch8MNrOgWlt7uSolHUp9pZfNCi69F5xrUG_1ZZ6c_hlP9EpkPYnv7jJIDPomAhU
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-dVwyAasaLT_ndxHHUMBKrYEN1U0xXhB64U79Ng&google_push=AXcoOmTGyW28Kg5olwDPxDce4Bz4NWEtE1t0ch8MNrOgWlt7uSolHUp9pZfNCi69F5xrUG_1ZZ6c_hlP9EpkPYnv7jJIDPomAhU
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
699519
content-length
0
expires
Wed, 11 Oct 2023 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame E72C 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHuVR1S9A6FIY-fJIrk_N00&google_cver=1&google_push=AXcoOmQiphiQarqtm-SrUWBBS_HA8Nx6AaHDbj-JFhAtdePMlVI-dw7znb6sMW8rFsWy6d4wPUHMTgxRq3MAyDbMLkWi18eJEefC
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame E72C
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oOhDs88XSLebx_SUSSE_rA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oOhDs88XSLebx_SUSSE_rA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmREsvm6tn4BJVmO7evYXMaid2v1ZEKdb1IbtilivjAsRRQMgWYAewYbvsXC5akgSS1irkWRCmo6KJOq_eUcLRbi1sdvXDAg
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oOhDs88XSLebx_SUSSE_rA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmREsvm6tn4BJVmO7evYXMaid2v1ZEKdb1IbtilivjAsRRQMgWYAewYbvsXC5akgSS1irkWRCmo6KJOq_eUcLRbi1sdvXDAg
date
Wed, 11 Oct 2023 02:59:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E72C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmReKC0Nqi4ArBUYPz_DAOXNbUWy4RIUY6mEmLz2bv0DFhPF9W17z6fJxgAmAdbpogn3nVrUy7N9D9kosRWz6FRktueiGYyv&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-0a114b25-db00-4a0d-987e-897c333c22d8-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmReKC0Nqi4ArBUYPz_DA...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmReKC0Nqi4ArBUYPz_DAOXNbUWy4RIUY6mEmLz2bv0DFhPF9W17z6fJxgAmAdbpogn3nVrUy7N9D9kosRWz6FRktueiGYyv&google_hm=AwoRSyXbAEoNmH6JfDM8Itg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmReKC0Nqi4ArBUYPz_DAOXNbUWy4RIUY6mEmLz2bv0DFhPF9W17z6fJxgAmAdbpogn3nVrUy7N9D9kosRWz6FRktueiGYyv&google_hm=AwoRSyXbAEoNmH6JfDM8Itg
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmReKC0Nqi4ArBUYPz_DAOXNbUWy4RIUY6mEmLz2bv0DFhPF9W17z6fJxgAmAdbpogn3nVrUy7N9D9kosRWz6FRktueiGYyv&google_hm=AwoRSyXbAEoNmH6JfDM8Itg
date
Wed, 11 Oct 2023 02:59:25 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX0a114b25db004a0d987e897c333c22d8003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame E72C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKncHRoSB2kHdEQHj1bQ_WI&google_cver=1&google_push=AXcoOmR_xSzG3BsGd...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDY2NTMyMTE1NzY4OTg3OTM1NA%3D%3D&google_gid=CAESEKncHRoSB2kHdEQHj1bQ_WI&google_cver=1&google_push=AXcoOmR_xSzG3BsGdrIH-kDrOb7vM7auw4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDY2NTMyMTE1NzY4OTg3OTM1NA%3D%3D&google_gid=CAESEKncHRoSB2kHdEQHj1bQ_WI&google_cver=1&google_push=AXcoOmR_xSzG3BsGdrIH-kDrOb7vM7auw4gsDWSmvTLWLzXuy-5tMiGaVtSKMcOhvEnG8hiO_2yVgG9IUoaFO88Ez2ZWQtF2ZiHQEg
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
an-x-request-uuid
770f0ef9-f521-4440-86ce-bb62dd9e3d7f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDY2NTMyMTE1NzY4OTg3OTM1NA%3D%3D&google_gid=CAESEKncHRoSB2kHdEQHj1bQ_WI&google_cver=1&google_push=AXcoOmR_xSzG3BsGdrIH-kDrOb7vM7auw4gsDWSmvTLWLzXuy-5tMiGaVtSKMcOhvEnG8hiO_2yVgG9IUoaFO88Ez2ZWQtF2ZiHQEg
x-proxy-origin
80.255.7.107; 80.255.7.107; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E72C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KbfDb4thDyg3bNWkOUkoGYnZlfoPSr_yEK72Ha0UwPvPXKvndvOaOVuxyP_1mEDqcnUY_rvw
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 105D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
479393
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 13:49:32 GMT
expires
Fri, 04 Oct 2024 13:49:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 84ED
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEP3izqSvLiBmUSOExe0l2Po&google_cver=1&google_push=AXcoOmTQ1aKe9gdiqJHbzy4v3U4dfY1pcJsQVoaWAdrC22BeE3dFgeHmDhbDcDaoTTGBYLmTT5-gzgJJKvn...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTQ1aKe9gdiqJHbzy4v3U4dfY1pcJsQVoaWAdrC22BeE3dFgeHmDhbDcDaoTTGBYLmTT5-gzgJJKvnqDYi3QZ8kP6VlRQGkvw&google_hm=hdPHitYERICFrPG2mj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTQ1aKe9gdiqJHbzy4v3U4dfY1pcJsQVoaWAdrC22BeE3dFgeHmDhbDcDaoTTGBYLmTT5-gzgJJKvnqDYi3QZ8kP6VlRQGkvw&google_hm=hdPHitYERICFrPG2mjdeCGs
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTQ1aKe9gdiqJHbzy4v3U4dfY1pcJsQVoaWAdrC22BeE3dFgeHmDhbDcDaoTTGBYLmTT5-gzgJJKvnqDYi3QZ8kP6VlRQGkvw&google_hm=hdPHitYERICFrPG2mjdeCGs
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 84ED
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEGChoUc88xakcG04kUTWv48&google_cver=1&google_push=AXcoOmQQYXi0gbJ_buwCj8Bd7oQYwgA1wBbRmgY00Igl8OFpmHVRdrOQundySlMZO7ruEaleiCBy0l3DTpl2npexKOxxFyH...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGChoUc88xakcG04kUTWv48&google_cver=1&google_push=AXcoOmQQYXi0gbJ_buwCj8Bd7oQYwgA1wBbRmgY00Igl8OFpmHVRdrOQundySlMZO7ruEaleiCBy0l3DTpl2npexKOxxF...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQQYXi0gbJ_buwCj8Bd7oQYwgA1wBbRmgY00Igl8OFpmHVRdrOQundySlMZO7ruEaleiCBy0l3DTpl2npexKOxxFyHntGuH
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQQYXi0gbJ_buwCj8Bd7oQYwgA1wBbRmgY00Igl8OFpmHVRdrOQundySlMZO7ruEaleiCBy0l3DTpl2npexKOxxFyHntGuH
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQQYXi0gbJ_buwCj8Bd7oQYwgA1wBbRmgY00Igl8OFpmHVRdrOQundySlMZO7ruEaleiCBy0l3DTpl2npexKOxxFyHntGuH
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 84ED
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSmgy...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-dVwyAasaLT_ndxHHUMBKrYEN1U0xXhB64U79Ng&google_push=AXcoOmSmgysg8ofStKr4OjA9HF7wjaCp2-hwSqmvEiclLFf7zLvYHJOKqgLNk-SzY4Dx4wNAZ8LU4QPHFj5E...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-dVwyAasaLT_ndxHHUMBKrYEN1U0xXhB64U79Ng&google_push=AXcoOmSmgysg8ofStKr4OjA9HF7wjaCp2-hwSqmvEiclLFf7zLvYHJOKqgLNk-SzY4Dx4wNAZ8LU4QPHFj5EYRAvndsIYXJW903eJA
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:24 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-dVwyAasaLT_ndxHHUMBKrYEN1U0xXhB64U79Ng&google_push=AXcoOmSmgysg8ofStKr4OjA9HF7wjaCp2-hwSqmvEiclLFf7zLvYHJOKqgLNk-SzY4Dx4wNAZ8LU4QPHFj5EYRAvndsIYXJW903eJA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
738422
content-length
0
expires
Wed, 11 Oct 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 84ED
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELyRySfC_pCANeHzJHhVSJ0&google_cver=1&google_push=AXcoOmQrk1Obm8uRKHc-Vu4MfEmR1_rBcbztb17LRBRL6QQdVeGLQ1u01oHqAlfijOAUbwyLQY91sqU--xO8FFE7t2Wu26XnRR...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQrk1Obm8uRKHc-Vu4MfEmR1_rBcbztb17LRBRL6QQdVeGLQ1u01oHqAlfijOAUbwyLQY91sqU--xO8FFE7t2Wu26XnRRm...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEyNjg0MTU4MTIzNjQxODg2MjQ4Ng%3D%3D&google_push=AXcoOmQrk1Obm8uRKHc-Vu4MfEmR1_rBcbztb17LRBRL6QQdVeGLQ1u0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEyNjg0MTU4MTIzNjQxODg2MjQ4Ng%3D%3D&google_push=AXcoOmQrk1Obm8uRKHc-Vu4MfEmR1_rBcbztb17LRBRL6QQdVeGLQ1u01oHqAlfijOAUbwyLQY91sqU--xO8FFE7t2Wu26XnRRmYpg
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEyNjg0MTU4MTIzNjQxODg2MjQ4Ng%3D%3D&google_push=AXcoOmQrk1Obm8uRKHc-Vu4MfEmR1_rBcbztb17LRBRL6QQdVeGLQ1u01oHqAlfijOAUbwyLQY91sqU--xO8FFE7t2Wu26XnRRmYpg
date
Wed, 11 Oct 2023 02:59:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 84ED 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENFTOzflqBrG8W4DLd1f58A&google_cver=1&google_push=AXcoOmRV8YIsHhllgDZEWrrNy-92Zneft9YXPsHr9YxUeNt1sU1ICE3QMTLPQgP_pigm7HPtgNf5USmYs98b2Frby5T81lEKSZrtzQ
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
content-length
0
/
onetag-sys.com/match/ Frame 84ED
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPkS9_hx8M43dre-_Sa1qNU&google_cver=1&google_push=AXcoOmQldPaD2vAFnOQyJmICnykGea1WpePX5YIwVZSGXdC5su22fSzw5mZoMYwYnP_HGoAULsE_OD4-Qo-...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQldPaD2vAFnOQyJmICnykGea1WpePX5YIwVZSGXdC5su22fSzw5mZoMYwYnP_HGoAULsE_OD4-Qo-5zsweuF-MiHpaUyvWwEI
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 84ED 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEP_f817t_myR-NKDfmn4KME&google_cver=1&google_push=AXcoOmSgUc-OXYYtjvw6hFrlng9tLCsp-TaaydwAXHcirnv5Nng54whanXTdT9oIrtIcRMsKjNT8SjhKspsjEBVV9MNuufMli6bBRlM
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.71.157.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-157-32.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 84ED 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IKwybrbg9wj334xXLm7j6Nqiw1tkWfLPX8ZMJePX2Dbzgi8eO3vTpPuUogqYGL0BIn857tYSg
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 1F08 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gyvfq4t6hy68pqys6rrxf1j7zcpfgy6z7z6ps96vnek9zrbv4m09610kgr3dq5yx3e7cv2jp6h57m7t8pp8b1gq711m9b7832py9ezdev4szeh25zq2b6j2hg7p0gv8ehp3nchv9jge3jp0sxtzep8t62rbr688jeb962834x2033z1wynn3hjvf44xbn85rv50bzqt3qb6mn5ac26dr77btjdw85x2pxa8cck5svxrek2mrsxbbmn7x47frefbew2wxw0qkxbh8d5x24y6z6mcfw67nwy5nb5qh21pvhq9gw40m9m789r910h2p12wk9ce1v9fe4dvsy48qcx9sy6knzpxjas8pcqhefvj2eqmr0c8a41q6tse6brzr1mc3w2r5492pvmqv8gqd0mc8ff12f9fja7dnhemwp1saq7015yxekgcmn46p47975sbngd126zzst5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%26client%3Dca-pub-7968146525597976%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gyvfq4t6hy68pqys6rrxf1j7zcpfgy6z7z6ps96vnek9zrbv4m09610kgr3dq5yx3e7cv2jp6h57m7t8pp8b1gq711m9b7832py9ezdev4szeh25zq2b6j2hg7p0gv8ehp3nchv9jge3jp0sxtzep8t62rbr688jeb962834x2033z1wynn3hjvf44xbn85rv50bzqt3qb6mn5ac26dr77btjdw85x2pxa8cck5svxrek2mrsxbbmn7x47frefbew2wxw0qkxbh8d5x24y6z6mcfw67nwy5nb5qh21pvhq9gw40m9m789r910h2p12wk9ce1v9fe4dvsy48qcx9sy6knzpxjas8pcqhefvj2eqmr0c8a41q6tse6brzr1mc3w2r5492pvmqv8gqd0mc8ff12f9fja7dnhemwp1saq7015yxekgcmn46p47975sbngd126zzst5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%26client%3Dca-pub-7968146525597976%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1694166205
age
407370
cf-polished
origSize=118430
x-guploader-uploadid
ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Sep 2023 09:43:56 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
x-goog-generation
1694166236174866
content-type
text/css
x-goog-hash
crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYhRSEsoO3maVIN4arztCfVgtKCnKo73aPzapDKMFleC42WAYLxmcWRUcmVzumVJnJV43pD9zlqSMmMBgfVvLbeSNMYZTiYzWpMWC7Iy%2FNEuLpMFPMxIZP5htsOkLQbTb5bGCTyuxCE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
118430
cf-ray
8143d8d49a641911-FRA
expires
Wed, 11 Oct 2023 03:59:25 GMT
r62eglto.js
ad4m.at/ Frame 1F08 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gyvfq4t6hy68pqys6rrxf1j7zcpfgy6z7z6ps96vnek9zrbv4m09610kgr3dq5yx3e7cv2jp6h57m7t8pp8b1gq711m9b7832py9ezdev4szeh25zq2b6j2hg7p0gv8ehp3nchv9jge3jp0sxtzep8t62rbr688jeb962834x2033z1wynn3hjvf44xbn85rv50bzqt3qb6mn5ac26dr77btjdw85x2pxa8cck5svxrek2mrsxbbmn7x47frefbew2wxw0qkxbh8d5x24y6z6mcfw67nwy5nb5qh21pvhq9gw40m9m789r910h2p12wk9ce1v9fe4dvsy48qcx9sy6knzpxjas8pcqhefvj2eqmr0c8a41q6tse6brzr1mc3w2r5492pvmqv8gqd0mc8ff12f9fja7dnhemwp1saq7015yxekgcmn46p47975sbngd126zzst5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%26client%3Dca-pub-7968146525597976%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
37730
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xB5sT94zh1zikEgSezX8RpURP17usDS%2B%2BvDHyGymXtsPI7yGx6iHdPncvyjgo2pOJ8KzNcM5JcI1QnwZp4sX3dL%2F5Bbt%2BlQVTp5IM%2BlTkkThY1nVm4FRaUrKgHDQ52Tk8TC%2FGTs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
8143d8d4ba721911-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 10 Oct 2023 16:30:25 GMT
index.html
s0.2mdn.net/sadbundle/3465022879399501747/ Frame FC5F 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3465022879399501747/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8493283b5e762e599e3a65cbb5c20b3a1b3458c2a6fc49ab1f6edf5ee0f57dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
17940
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2458
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 22:00:25 GMT
expires
Wed, 09 Oct 2024 22:00:25 GMT
last-modified
Fri, 06 Oct 2023 12:49:04 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FD5E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXu9N7KWtiAzB_7UahYVN-3F3Hqd0ZicJKmsUlQzSONaREK3zJJAoah3ViIVRQkiRCSnT8cOYN5fkqSAAQk26TjNrcnXQ4NFrPt29ZoSWRHN4v-j_hUTyooJrZYu1mn3g8tZcSKwYt80HmMbr1loMZn6Pwo_uTh4ZoZwubUIoXeTeZCfd1l86RCosg2DjNvaCP520uZdm5j8rv1HUXuixtnw56VHoN8TvnWxasiq-owFo2GHpJ1v3V4cun5GTQAxbXI2mZO26qY4EZ7HERcDVccAURVdGVB_x3SSq17iVmKYcGCPFM0YGu-3xF6b5tGJ8jvrYezOdrIgbA5V0Gu-Zfj9V7RG7lmNs301MylF8ZRlaHzHm1bkibu9rcV2eeCj3NRIwLuR_jLIYi8w_8agQIuFnkILyaERZN0-N0W3gyoRC04iC51W_GrdLcvB2cxBK_6WHEbIHYNsjlrPk9kO4e3A8zB3fi80FNiVgbATUZ_bvcIwjC3COQpzoy8eTTqtp56D4nOfyMBRR-2Fqo0IzQTPPBqqzKtNjqm6xHPVDl2gIxRaRwZtw6V5sVBe6jF2og4oZq0xbDDJ-PYTgDzQmnw209PCHCjyeQKu8WyxZ2ipVKbRGaG2a4wjsiMShxR0HFXS5ygKOfxSO91UBIgXiUhCQxWUfE46I-T6lNpzg4JqirmzSrQEZjUa1nlndkNJLj7aRvHh5V-sTrbhvIIXy6VPrcuuBaytdrjglfg3I5HmytyhVSzCSWNJwBWldHA39mGCf4efTSzwMhiPU3_2wlBZG7vsLGGUNqoLeKZKaf-eKdufiGWxZwq80qfeLSrtW4UogQXpCLhpwgeYvRFm49CzjlYLM63Uh57sLjlJXFyE2EB_KA6VQ_YnlqiK-CVE0u4_QT-X5a7zEyRr489ync6-h5vaWmDOGVU81OtWEKfbGd9tN3rSjPJnLyEY2Nzcaiort3nFiuqH38DVzp28TfjbnX2JMw0Je5RK5WeeCRVkNVfuifmBCN7Rkp7UTBZxk4WD9WGQtK2q-V9bKHUggWSgaPapvjAk6_LtalBl6LftPiRQ-3DGFblUNxQxg0dAlG5O41sMeZtKyXwIkEvb7ei_SjAX622FZsR-xbKmhSdsVUan_s0___qnkWuidoCJ0QlvjB8xSNrscK-X34sYM39UXLHZdNaBC0ycxgpOxf-VyL923iRjpsbnmA-FcRvIfgFCOlmC2lTqTzVdJ1HVNzIXoF9W1_Tb6zxjfaJ3EQDzRmoD-Wm6dJw6QJ7i0d4vFUS5KnHbClxCEZEQ8P1l884BSekfV00xSpO_dD4I8MVell8iaBpgO9PTv93dbBHmbEopxsUtCKULTPBSXynhcxZxZD6IW4j6kUxr0lVykSrt8hWfg9SJTtptXGYA&sai=AMfl-YQ5vxu2bpg0e2A7qBxD_x6LE2VyGcCzkogkAR1GYwlrpPNiMa-5wHFI6sYyC3E5MKVR0e_N0WDTWNj7NeJjomAst7Zrl9DcgSiGeKlkWPH3mwFp8luuV0uhYbv54rLFa7b4NFfVR-8vw8rYEU1345RJwHyd9NfrMHVfWmcxE-of0Z4_CGYjeX4Q9qHwRfHl_UZ8IuYOT6DjU7VatE6GmuGQwlRlyQJM-mPmuKBUfW58ODbZdP0NB3Y5XffDfBeOS2zgKOo&sig=Cg0ArKJSzEyOhhHTzuk2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=267&cbvp=1&cstd=263&cisv=r20231004.39718&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 11 Oct 2023 02:59:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
container.html
88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B722 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dacota.tw/blog/post/antdownload-2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:23 GMT
expires
Thu, 10 Oct 2024 02:59:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
pagead2.googlesyndication.com/bg/ Frame 105D 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 07:37:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
501730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 07:37:15 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1F08 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2561
x-guploader-uploadid
ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhwtoVpdMo4biBlqQTbUmu5ZlnDpNM0u8YN9aX77DkaAc3GS4Haqv6f9UbV2UlDgV9IqxH26T1FLkwSXT3GqVaaVwJosmSZo21%2FRNlC7TcPKXkeFP%2F5B6Lyu0mW3mrPu9FdN0b1%2FRNt74iZm8P%2BIb3tm"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
8143d8d60b281979-FRA
expires
Wed, 11 Oct 2023 02:24:17 GMT
frame.html
ad4m.at/ Frame 4A38 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1000649
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
8143d8d5583a3a92-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 11 Oct 2023 02:59:25 GMT
expires
Sat, 09 Sep 2023 00:14:58 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcP30n7VXWjNg321dErD9N0u9IjErv6TPL53sKc2IJormoYBtekTer8DX%2FIR1rf7b1MZM7T0XPg%2BkmI8kize9c5Iq2T4r2rvruR9JQBumE4VxJE8G2Wvl%2BvhqHqj8S588gQQ1WA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7568 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLLfn9wBMAE&v=APEucNW3ZWwBEr87ZAjXJvMqvxsKvgYXXWGd_sMQCPpCOKtpldn8r-5mTsTkfRWSktHeoeFFteKo_-5H09fZHPnHPpaCgwI5RtZgt3O-5WDuZCYEE4fbsGbCJU5SvgBnGefLqxKXws3iA8U-G0B-3gi8NGAkrYAiooJF-x5OsSJ-1GQ9EzMjAkg
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B722 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:59:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B722 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DM9CzKh5-dMsQKcRpEA8QpH1r5fuwPIPHBZVk522VWV0eLCrXn57DvB6rZOmLz-6GPNWyWziPPvtrW7lqE9zd-6MHqIik8AjGIFeQcnSOtfy4p7Vc
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B722 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5369717108827389868&x=1&ct=76
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B722 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 16:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38535
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 16:17:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B722 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
48345
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 13:33:40 GMT
l
www.google.com/ads/measurement/ Frame B722 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgJnFOSTbX6eAAqvP16m0c3A5TN00t3jPfc0agTO7dDHucTkSG8RGDNbDBpX--icGWAjIBj4bdOC9lyEBZVCP8KBX68Q
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B722 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696851335058330"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:59:25 GMT
jquery.min.js
brain.adbot.tw/js/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://brain.adbot.tw/js/jquery.min.js
Requested by
Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/bootstrap.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.137.103 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.137.199.104.bc.googleusercontent.com
Software
/
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 02:59:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Jan 2017 02:20:24 GMT
ETag
W/"5876e7e8-17b8b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Fri, 10 Nov 2023 02:59:25 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame FC5F 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3465022879399501747/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3465022879399501747/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 02:59:25 GMT
index.js
s0.2mdn.net/sadbundle/3465022879399501747/ Frame FC5F 		81 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3465022879399501747/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3465022879399501747/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0ea94ece6b5abc4de442f40f43afec694bd42b6817251769ea6b4fe4d81fbc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3465022879399501747/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 22:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17940
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14162
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 12:49:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Oct 2024 22:00:25 GMT
sd
us-u.openx.net/w/1.0/ Frame 7568
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAamO8svk7Qk-DFq672Jwl8&google_cver=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAamO8svk7Qk-DFq672Jwl8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLLfn9wBMAE&v=APEucNW3ZWwBEr87ZAjXJvMqvxsKvgYXXWGd_sMQCPpCOKtpldn8r-5mTsTkfRWSktHeoeFFteKo_-5H09fZHPnHPpaCgwI5RtZgt3O-5WDuZCYEE4fbsGbCJU5SvgBnGefLqxKXws3iA8U-G0B-3gi8NGAkrYAiooJF-x5OsSJ-1GQ9EzMjAkg
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAamO8svk7Qk-DFq672Jwl8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 7568 		43 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLLfn9wBMAE&v=APEucNW3ZWwBEr87ZAjXJvMqvxsKvgYXXWGd_sMQCPpCOKtpldn8r-5mTsTkfRWSktHeoeFFteKo_-5H09fZHPnHPpaCgwI5RtZgt3O-5WDuZCYEE4fbsGbCJU5SvgBnGefLqxKXws3iA8U-G0B-3gi8NGAkrYAiooJF-x5OsSJ-1GQ9EzMjAkg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 7568
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEPC7UY_-YjBNPluK3NYncXE&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEPC7UY_-YjBNPluK3NYncXE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLLfn9wBMAE&v=APEucNW3ZWwBEr87ZAjXJvMqvxsKvgYXXWGd_sMQCPpCOKtpldn8r-5mTsTkfRWSktHeoeFFteKo_-5H09fZHPnHPpaCgwI5RtZgt3O-5WDuZCYEE4fbsGbCJU5SvgBnGefLqxKXws3iA8U-G0B-3gi8NGAkrYAiooJF-x5OsSJ-1GQ9EzMjAkg
Protocol
H2
Server
23.205.93.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-93-33.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Wed, 11 Oct 2023 02:59:25 GMT
pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEPC7UY_-YjBNPluK3NYncXE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 7568 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLLfn9wBMAE&v=APEucNW3ZWwBEr87ZAjXJvMqvxsKvgYXXWGd_sMQCPpCOKtpldn8r-5mTsTkfRWSktHeoeFFteKo_-5H09fZHPnHPpaCgwI5RtZgt3O-5WDuZCYEE4fbsGbCJU5SvgBnGefLqxKXws3iA8U-G0B-3gi8NGAkrYAiooJF-x5OsSJ-1GQ9EzMjAkg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.93.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-93-33.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Wed, 11 Oct 2023 02:59:25 GMT
pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame B722 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1076401073003&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B722 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1076401073003&version=m202309260101&ct=76&x=1&cor=5369717108827390000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B722 		111 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CR6my-ee6R8h2SYppOcStQAH-oBlpDribXv9Qz4s968twozc3645vnyGMGKDPKfv2mp-Q-AFofBQPOAvzVVizRtU6NWiCHvnBQ9-Bj3C5VQ7qCTNxvsl5ith4Lep--A8vP3KnI4dqVN8SBG7RqjRY9mvtqaD5_IJ-uNeUz1_p-lkX1ce0&dbm_d=AKAmf-BsL6104vMvyAfpDQvX8GgUuCHVQAggtKn7JNl29h52crCGZWCACOSS7ogBi7fzlPzK_GcXgrDOuQB1AscuHipJoZ4HOgAkwuAC27LDm5yikvsrpk_iJ2exQbWgJAVncGhf1HAbBjBenggwCN8ee_p2jVVNnnVufFjlUUXl0i9LGXHRRyks0Df2UFvK_cUSBOJ1_2jdgGpfW5MPuT4LULeJ6bv71FtQbJF12pxP7dyp2BFCrK4B_j1F0R6UWmtkA-eegfU0Thm07Hhtn5NrrpjSSP7Ns3rT5TCLbJx_UyEKez34JtpmcoBKynfi83kuRUqis5_IyfWKreHVniRYIUH2OGbBgmw6HOHSPmaFCZhIXqJetV_rjpYISr_F1wJhNHpAYXlhRPSb1Zkpgb14gtqxEvwZHSVRTfgDO_OVEBGKewhAdnwWa8YnB86g8pk-uyHBkeRHWZV3npyawDGmDElQBUCq0ycLXKBSX-Hr6-ldpP2Bm8hA-rOoVYglhiWL6tTe9q1-kuIwqd6nmu1k-Guoo5hFzvz60gt_IPHPGQO2atsPeJz-MIsAcPNt5J1I72I_OEdNCo_9PWeb8F92dfvEEqXm2MwG3Id84LDHH6h_qUf5N9lsmkXrUfdHttF9dJafmpGOaVp2tfWVORnR--4NmZG4TutbXJSASerzyPGAQQaBrVZ6ruTbNyuOWitgmTnDr0yymc4ZkDHOynCR0xtsjtK6ZL6EJZ4SqUJbgd5_1NDUlem7hU5saIb0xlsCGEjTZOsxhlsmh6N366WkRlfTP68IyMQ7AQq2-nIOsJhl2ZtCd_MBWGwus2xNSV4FH2ocCYsNvu_lT6Oqk6J6wU4SgsTyPTVdT6NKiPT1ZlI8Y1kHWHVFg5btwkOn-bXPsIlVQ80yFKMAKo6dGQHm12NHXm4DLm6rfOsFvtYjXxpOIxJpPxZpp_R_KQb1mFX4kZ977DoDHW2QEYd4dHeJg0wVVYjbnX8F69StTGh85XqXDXZL-kiVJALfBmQXp_bYDCpQ6rNrXfxWOdp7gmFxsjj896C7EOQzrgCEUl3EQNBVX3GjE_HOCnqqsI9maiyHIwO4CDkXItGzdcjtL07CUIlntZDN6dnehRl5rbfrnq9CfzXxdom5MLnxemnVeIu1BQYjIoIBrwKLt4ffA0suXoFoRqM5ZVRE8WPCZxTjPa_T79AGnQt_xxBSW17d8rUriSX4LHvZyL6kENWwHEyaR89iedCWkqCn_dQaL5QoRqH2qVzU_EibMfGNyyosfKDcl3-757km-81w9MqPVwMpEz_LwQdVyyLGjlyehZ7KpmcCcsmWSocpJgz6WWQ8WHHkpmZK7J2YiINaGsvRiTK8b5uOhPvNu0E_gM5Hm5AD2WCwJErWoGhG1GP6oq7leiNByfGgdmYTNo6f8Ii2uBQXd99L6TYH8Ctztejqj-WhWzobUzxFyAhrc4N5iY5_n6asAiyjP6A9VyVKt8itV2WIM1tkOXIJmjcXlFILhyl1b4ZzazxBWO_8f9ZTdhkqS2budG7j8KZsHAPF_WcZmVMbDs8T75jfatcYt3B1OugXKtCkKliVs6trDjJXm6DePoOJYUbNBO4sTdckOxXYFyVRrIIeaIfnCJ7Ta0K7nLnz94V6ZJTsbtoKsHsqp8r7zqRwnoyFus-dbuqPDZkFRliaT0DzcffVLhhoz24641QL5EX573BLTapLHXJz8EBkI-HuqxT8Gnkr5Bztq_qDitG2fDnYpIiR2EI4OVhlE91_XBETyT7lK5Kr7HRTKB0ubO2gq5WMERREErp2C07a9od5iRUWJzU0xzeQhz_CzkgmfSqOLPdZ-1ywDpcyfrkg8s5nXCveZd8_BtLcvsqqVxQXeCcAMikulgb_tleVjSL0moHq6wZM1GpgYoWF9oq4Iz4zgK033k57Wirqmy-L4CLGLFF29mIV_7-miTefc0-EyL10H95Xcy9vtts3zLSb2omzQjL786lSh5L6jgz1gbm0cAHMAAEvFSUC-7X1vXFABUcyOVs5DGdam6IgRkyyl74xT0CdcFuefCXGNgKHsEJuKbwTiOhubMv-6m72RYSFGvRdbMBx02lEWEJ3X_PFQBtEZZNhy6zXLdHxY7EEdPAMB_nJr-Exkbl5x3y257hWWfSFS3qqTfqmMHZquxceNS8K3AFd_3nztUHPVMF93tDCY4FVlCEcXHSYBtwijR5vK1_aVlVnaf3q4QNgj-qJk5I5rljMqUeEVnosYdJcX7FbbY-eQPAbCqnXOriRf7x4OGJVp7K2fdYxuXgJtvyRsWL4WvSd8Qt0HCwYSrcXfqucCk4uXzDYI-BEvV73N6IVV1Cx4AjbysagKYLWH4NJrTX2i2wh8MLOO1vfGKZ3Sm47q7hB9HuOirA3k-aFl0KpQCIMsiaZackmmfGOSvsbu4YrGAPM_WcnuVx48KHL4T5eqTZcau8aYFYOFDsRVycTjWB-ezS_svOzz3a-tAqPVWSnwgZG2_3PInp3O43PKEHUN0gAb_bpFV0RUQfHxkOv_M7SkSgNTb-HkQtiP7IMilJgiHYAgP_BIE4Z40nb8XfQYVNmTQP9cDwWDSUdI6LaCV-X6L2ZfSDswj3-cwC_kDh6Uz-cqPAPo5QgGJvaV7jscLGyiMDpNXNYn1T7pGGbylRYQvo69AlREat-tGk14oEnXtJvFLC7NkHTJStr4HkuN-qnm4FV7BhDpumb02uBQNeNCgPrmpryXmcUbeCSfT78M4zFQ2IQY6WAIc1lCLUCabU6YQC5xR_tDoQakp-7W4LdEC26FCb_DUv9VtuluKga3MjMEcc5zYyxyVJATpWcdEFpetaxbcV5eim3aHU4NQAOJ1yMFNH_pA26qz-qYOd2l1BtTs3Kw2SwLWUqUS-ZO4tOOAbMVLbxPsDMN7pr_SwtKX81cC9ZHmuLuL8PhubEhkYAwCJbdJXgfRa6uF44joFXeHzYp61kPaT3Jbpl7ADDmXelVfVzYOQrQ5AYpxFgOad-JT3WOo1L1g_dlltJXun8HOFPtYhdoWnA4fUo1Ju2IudOE4MvsSCOwPzDU-xiGId6sEhUYerW4MNXxmgveAJnScZ6-8OCqgY1iZ50hw5F4RYKJNT_HRKKiza7JTEVUZCYS6uHCivNzTsj8lDR5x3vewdj2dbp9vv-xYDb6siLlo3G4nZ13TZv0JeyZQHTKPT8movQh2Kvp31iXkd8IU9tu6f87JEvIGpU9yOjOnS1HesReWO6_X38x8tIkVDinlf9ACJT-eLGvP03W3OfRt-YIqPaBKm6Vh5SIwx_GWuWlHhvzs9y-661ON6zBPB8AhYy1rEAockJHUPn20Si4yWyQhmPnqMAI6eGZ3LuMf-7QTXZO5NLThHMA4pwFJiMH8Ode9Iw_AJTUoaHCC0GW4z52bbHTdt3WO2A708-GZttRb6Gj3E3nBg-pVc1eMhFCPGDH3QldbCUCjydVoWcvd7Pkr5qfspdDvGgudcvBLsOgOODfzkr2DM6Omi7Anf66KwurC-9F9GIkx9oTWHsPd5uwUBDN5710S1g7t-t_t0SUgaIiaKesyiwTLsOekumQQCTPmdJp8LQ3QOIC3EkqZfC4_2ziQ5dqCs6mSkOX9C9y2J1p1WYv5-i_X_UQViQae1UYOVL8L7vIvAt7M7MlK_8op-LLgqB36Z1X7GtKceT-4XtNLZrVSGniUJ9kyGR00MuFTnp1K9VLtk40xHeFBHpy00sdhhxvKbdA1JA3GPQJlxwh41WpBZGSEQqCJKZ0SYASGHU5JpYPzY5fLN6X8BJQ1kihMNuXF6okbW09vajcpEqdE04wdTn95qmihV5_OAjfqti9yVSsPWK6a97SdIpTgoDy6760XBu_AHNnn7lemvFcCw&cid=CAQSPADICaaNzXEldi0XlqnPUVQ-c7L-4acvjeXdTMVzX_nQbqVIoQyNti0SHcaHZcntfOw6_Ukz1bP5OsXbsxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&ds=l&xdt=1&iif=1&cor=5369717108827390000&adk=3690638929&idt=85&cac=0&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02665c58316db0ab75a66eecee22d9b2c33bebeb014c3da779e868457f659e34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42560
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 76FF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzKf2jA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE-QFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lAmH7c58I7yuVhySFhawFRFYZFzzviKiRjYmX7uy4kgQyDSxIAsLbgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzCACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzk2ODE0NjUyNTU5Nzk3Nhj2lGw&sigh=9oNQ-CFZ6dc&uach_m=[UACH]&cid=CAQSPADICaaN2CBKR7v_Pyr7hNoRFlee7eo9k3uzLPJgEskTHBisdDnDZpHiFFv7zh4NQy9TXfXffxGxuF-G3hgB&cbvp=2&vis=1
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 76FF 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g6ybpnmn8j1e7w61g2geh3njjy9mr6q18qcnzjs2wba3vnemghskpe5kzs3ddagskc7b59x1v3behd2mysd545y0d062f3gbbae5kn50gabarz6thg37wens5g81wvkvq0fm3t79ft1yw956r80dn5a7ctqcmydy7ha2tg81s3jkgsw7wm0dkpfpkk3t11phchrj286sa7sz1ddx5h3nx7yxq1r6f1nk97191yw65z28qtsx8vffyn4wz2yssr4edpgpjepr2nvxyp1tczr4dm3qc9dnzhxqq8f87rxpgtzdrf7q50zpvc965fy6v8z4q10xcp9az7v18cg9jtp9dpykps9ccfd5b7zza7261y5d3wzgj702mqq22zv71zdfgfwap4e8ng1z9nc&b=ZSYPjAAOxUAHg4sZAAQaC-0vOaHRS39nuDoyfQ&cbvp=2
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 11 Oct 2023 02:59:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame E866 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstuuw6d5jcyd9TToX6YoJfhsOpqI_VZUE7hzapzqu2u_y2H4oPnhTCSg99M53tGZc1pTf90AowzUFQRSgY-2yv22eUBI5PFdXuq8xHA4ij5bRYIRJpZZ9lpHklq9YGpX-_LX5LxjMU6MsokTZifhtpFqIoOE-7F_5Ylf1tsww0&sai=AMfl-YQc7GmB0CUL38oDXYEbpEj93IrglhVOU4bbtlGxSw14fY4jyc3R1ziSHRoNsfBL4LbQ0kfXNm4tdeZ_ASp9ZCM9q0mStJXixDaPVZTVW7U7ePQaQWePzA71zSY&sig=Cg0ArKJSzD_bArwhJQPxEAE&cid=CAQSOwDICaaNwzHAQbE6X51eprHdPcvOgIbJLbClBIIpoHLD9-7mB0S6msYtlBgVpKo3citAiSglAU4JtEw3GAE&id=lidar2&mcvt=1017&p=0,0,250,300&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=309144408&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1696993162357&rpt=2455&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8143d8d71a3735e6-FRA
content-length
24
content-type
text/plain
date
Wed, 11 Oct 2023 02:59:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zruh3u%2B9KBM%2BtS4ndE94Mpq8Gbhw1SCohG1%2F5nYvO4g9adZyGWzLvisyobM%2FewNtlr63izRIW9ZJFNTY93QihmWSCQ2lI0Kudr9aCMWSrqQWn1KG5TBeRqLBW4ijRl7NmSgO0%2B0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-0hk6
rs
ad4m.at/ Frame 1F08 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77d4e75da8de2982abd31e6c5b19305cc899254ca7d2a723c6aac6b6b0588547

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzhb6T1ODKQQjPyM2l9u9dMk%2F%2Bo67YD4Ewvp0gqSpRYR%2FXuswbtGlYyO%2B7acBJILRt5xpxnDRly8Qq2ASdIIZrUGyCf0k44Nm4R44bM3DBgy26zaCbzoz1Vrn9W7KskJXnrk7HI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
8143d8d78a7835e6-FRA
x-backend-server
aa-reachservice-group-europe-west1-0hk6
alt-svc
h3=":443"; ma=86400
im01.jpg
s0.2mdn.net/sadbundle/3465022879399501747/images/ Frame FC5F 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3465022879399501747/images/im01.jpg
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77f396997acbfde731206cd52ee30127c4acfbc26a4bacc0f1c902f4455ac996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3465022879399501747/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 22:00:27 GMT
x-content-type-options
nosniff
age
17938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112808
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 12:49:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Oct 2024 22:00:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FD5E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXu9N7KWtiAzB_7UahYVN-3F3Hqd0ZicJKmsUlQzSONaREK3zJJAoah3ViIVRQkiRCSnT8cOYN5fkqSAAQk26TjNrcnXQ4NFrPt29ZoSWRHN4v-j_hUTyooJrZYu1mn3g8tZcSKwYt80HmMbr1loMZn6Pwo_uTh4ZoZwubUIoXeTeZCfd1l86RCosg2DjNvaCP520uZdm5j8rv1HUXuixtnw56VHoN8TvnWxasiq-owFo2GHpJ1v3V4cun5GTQAxbXI2mZO26qY4EZ7HERcDVccAURVdGVB_x3SSq17iVmKYcGCPFM0YGu-3xF6b5tGJ8jvrYezOdrIgbA5V0Gu-Zfj9V7RG7lmNs301MylF8ZRlaHzHm1bkibu9rcV2eeCj3NRIwLuR_jLIYi8w_8agQIuFnkILyaERZN0-N0W3gyoRC04iC51W_GrdLcvB2cxBK_6WHEbIHYNsjlrPk9kO4e3A8zB3fi80FNiVgbATUZ_bvcIwjC3COQpzoy8eTTqtp56D4nOfyMBRR-2Fqo0IzQTPPBqqzKtNjqm6xHPVDl2gIxRaRwZtw6V5sVBe6jF2og4oZq0xbDDJ-PYTgDzQmnw209PCHCjyeQKu8WyxZ2ipVKbRGaG2a4wjsiMShxR0HFXS5ygKOfxSO91UBIgXiUhCQxWUfE46I-T6lNpzg4JqirmzSrQEZjUa1nlndkNJLj7aRvHh5V-sTrbhvIIXy6VPrcuuBaytdrjglfg3I5HmytyhVSzCSWNJwBWldHA39mGCf4efTSzwMhiPU3_2wlBZG7vsLGGUNqoLeKZKaf-eKdufiGWxZwq80qfeLSrtW4UogQXpCLhpwgeYvRFm49CzjlYLM63Uh57sLjlJXFyE2EB_KA6VQ_YnlqiK-CVE0u4_QT-X5a7zEyRr489ync6-h5vaWmDOGVU81OtWEKfbGd9tN3rSjPJnLyEY2Nzcaiort3nFiuqH38DVzp28TfjbnX2JMw0Je5RK5WeeCRVkNVfuifmBCN7Rkp7UTBZxk4WD9WGQtK2q-V9bKHUggWSgaPapvjAk6_LtalBl6LftPiRQ-3DGFblUNxQxg0dAlG5O41sMeZtKyXwIkEvb7ei_SjAX622FZsR-xbKmhSdsVUan_s0___qnkWuidoCJ0QlvjB8xSNrscK-X34sYM39UXLHZdNaBC0ycxgpOxf-VyL923iRjpsbnmA-FcRvIfgFCOlmC2lTqTzVdJ1HVNzIXoF9W1_Tb6zxjfaJ3EQDzRmoD-Wm6dJw6QJ7i0d4vFUS5KnHbClxCEZEQ8P1l884BSekfV00xSpO_dD4I8MVell8iaBpgO9PTv93dbBHmbEopxsUtCKULTPBSXynhcxZxZD6IW4j6kUxr0lVykSrt8hWfg9SJTtptXGYA&sai=AMfl-YQ5vxu2bpg0e2A7qBxD_x6LE2VyGcCzkogkAR1GYwlrpPNiMa-5wHFI6sYyC3E5MKVR0e_N0WDTWNj7NeJjomAst7Zrl9DcgSiGeKlkWPH3mwFp8luuV0uhYbv54rLFa7b4NFfVR-8vw8rYEU1345RJwHyd9NfrMHVfWmcxE-of0Z4_CGYjeX4Q9qHwRfHl_UZ8IuYOT6DjU7VatE6GmuGQwlRlyQJM-mPmuKBUfW58ODbZdP0NB3Y5XffDfBeOS2zgKOo&sig=Cg0ArKJSzEyOhhHTzuk2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=584&vt=11&dtpt=317&dett=3&cstd=263&cisv=r20231004.39718&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1291251/67826871/ Frame B722 		249 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1291251/67826871/skeleton.js?ias_dspID=3&ias_campId=1010179150&ias_pubId=pub-7968146525597976&ias_chanId=1&ias_placementId=19226434042&bidurl=https://dacota.tw/blog/post/antdownload-2&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jKZwOQqxL2mQ2u0qhX_psi
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.151.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-151-27.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4aaa9ae97c61df3ecda893f4d208377e3e6b8170091378053abfc74cb8c23c43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame B722 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
Origin
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 07:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71089
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 07:14:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame B722 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CR6my-ee6R8h2SYppOcStQAH-oBlpDribXv9Qz4s968twozc3645vnyGMGKDPKfv2mp-Q-AFofBQPOAvzVVizRtU6NWiCHvnBQ9-Bj3C5VQ7qCTNxvsl5ith4Lep--A8vP3KnI4dqVN8SBG7RqjRY9mvtqaD5_IJ-uNeUz1_p-lkX1ce0&dbm_d=AKAmf-BsL6104vMvyAfpDQvX8GgUuCHVQAggtKn7JNl29h52crCGZWCACOSS7ogBi7fzlPzK_GcXgrDOuQB1AscuHipJoZ4HOgAkwuAC27LDm5yikvsrpk_iJ2exQbWgJAVncGhf1HAbBjBenggwCN8ee_p2jVVNnnVufFjlUUXl0i9LGXHRRyks0Df2UFvK_cUSBOJ1_2jdgGpfW5MPuT4LULeJ6bv71FtQbJF12pxP7dyp2BFCrK4B_j1F0R6UWmtkA-eegfU0Thm07Hhtn5NrrpjSSP7Ns3rT5TCLbJx_UyEKez34JtpmcoBKynfi83kuRUqis5_IyfWKreHVniRYIUH2OGbBgmw6HOHSPmaFCZhIXqJetV_rjpYISr_F1wJhNHpAYXlhRPSb1Zkpgb14gtqxEvwZHSVRTfgDO_OVEBGKewhAdnwWa8YnB86g8pk-uyHBkeRHWZV3npyawDGmDElQBUCq0ycLXKBSX-Hr6-ldpP2Bm8hA-rOoVYglhiWL6tTe9q1-kuIwqd6nmu1k-Guoo5hFzvz60gt_IPHPGQO2atsPeJz-MIsAcPNt5J1I72I_OEdNCo_9PWeb8F92dfvEEqXm2MwG3Id84LDHH6h_qUf5N9lsmkXrUfdHttF9dJafmpGOaVp2tfWVORnR--4NmZG4TutbXJSASerzyPGAQQaBrVZ6ruTbNyuOWitgmTnDr0yymc4ZkDHOynCR0xtsjtK6ZL6EJZ4SqUJbgd5_1NDUlem7hU5saIb0xlsCGEjTZOsxhlsmh6N366WkRlfTP68IyMQ7AQq2-nIOsJhl2ZtCd_MBWGwus2xNSV4FH2ocCYsNvu_lT6Oqk6J6wU4SgsTyPTVdT6NKiPT1ZlI8Y1kHWHVFg5btwkOn-bXPsIlVQ80yFKMAKo6dGQHm12NHXm4DLm6rfOsFvtYjXxpOIxJpPxZpp_R_KQb1mFX4kZ977DoDHW2QEYd4dHeJg0wVVYjbnX8F69StTGh85XqXDXZL-kiVJALfBmQXp_bYDCpQ6rNrXfxWOdp7gmFxsjj896C7EOQzrgCEUl3EQNBVX3GjE_HOCnqqsI9maiyHIwO4CDkXItGzdcjtL07CUIlntZDN6dnehRl5rbfrnq9CfzXxdom5MLnxemnVeIu1BQYjIoIBrwKLt4ffA0suXoFoRqM5ZVRE8WPCZxTjPa_T79AGnQt_xxBSW17d8rUriSX4LHvZyL6kENWwHEyaR89iedCWkqCn_dQaL5QoRqH2qVzU_EibMfGNyyosfKDcl3-757km-81w9MqPVwMpEz_LwQdVyyLGjlyehZ7KpmcCcsmWSocpJgz6WWQ8WHHkpmZK7J2YiINaGsvRiTK8b5uOhPvNu0E_gM5Hm5AD2WCwJErWoGhG1GP6oq7leiNByfGgdmYTNo6f8Ii2uBQXd99L6TYH8Ctztejqj-WhWzobUzxFyAhrc4N5iY5_n6asAiyjP6A9VyVKt8itV2WIM1tkOXIJmjcXlFILhyl1b4ZzazxBWO_8f9ZTdhkqS2budG7j8KZsHAPF_WcZmVMbDs8T75jfatcYt3B1OugXKtCkKliVs6trDjJXm6DePoOJYUbNBO4sTdckOxXYFyVRrIIeaIfnCJ7Ta0K7nLnz94V6ZJTsbtoKsHsqp8r7zqRwnoyFus-dbuqPDZkFRliaT0DzcffVLhhoz24641QL5EX573BLTapLHXJz8EBkI-HuqxT8Gnkr5Bztq_qDitG2fDnYpIiR2EI4OVhlE91_XBETyT7lK5Kr7HRTKB0ubO2gq5WMERREErp2C07a9od5iRUWJzU0xzeQhz_CzkgmfSqOLPdZ-1ywDpcyfrkg8s5nXCveZd8_BtLcvsqqVxQXeCcAMikulgb_tleVjSL0moHq6wZM1GpgYoWF9oq4Iz4zgK033k57Wirqmy-L4CLGLFF29mIV_7-miTefc0-EyL10H95Xcy9vtts3zLSb2omzQjL786lSh5L6jgz1gbm0cAHMAAEvFSUC-7X1vXFABUcyOVs5DGdam6IgRkyyl74xT0CdcFuefCXGNgKHsEJuKbwTiOhubMv-6m72RYSFGvRdbMBx02lEWEJ3X_PFQBtEZZNhy6zXLdHxY7EEdPAMB_nJr-Exkbl5x3y257hWWfSFS3qqTfqmMHZquxceNS8K3AFd_3nztUHPVMF93tDCY4FVlCEcXHSYBtwijR5vK1_aVlVnaf3q4QNgj-qJk5I5rljMqUeEVnosYdJcX7FbbY-eQPAbCqnXOriRf7x4OGJVp7K2fdYxuXgJtvyRsWL4WvSd8Qt0HCwYSrcXfqucCk4uXzDYI-BEvV73N6IVV1Cx4AjbysagKYLWH4NJrTX2i2wh8MLOO1vfGKZ3Sm47q7hB9HuOirA3k-aFl0KpQCIMsiaZackmmfGOSvsbu4YrGAPM_WcnuVx48KHL4T5eqTZcau8aYFYOFDsRVycTjWB-ezS_svOzz3a-tAqPVWSnwgZG2_3PInp3O43PKEHUN0gAb_bpFV0RUQfHxkOv_M7SkSgNTb-HkQtiP7IMilJgiHYAgP_BIE4Z40nb8XfQYVNmTQP9cDwWDSUdI6LaCV-X6L2ZfSDswj3-cwC_kDh6Uz-cqPAPo5QgGJvaV7jscLGyiMDpNXNYn1T7pGGbylRYQvo69AlREat-tGk14oEnXtJvFLC7NkHTJStr4HkuN-qnm4FV7BhDpumb02uBQNeNCgPrmpryXmcUbeCSfT78M4zFQ2IQY6WAIc1lCLUCabU6YQC5xR_tDoQakp-7W4LdEC26FCb_DUv9VtuluKga3MjMEcc5zYyxyVJATpWcdEFpetaxbcV5eim3aHU4NQAOJ1yMFNH_pA26qz-qYOd2l1BtTs3Kw2SwLWUqUS-ZO4tOOAbMVLbxPsDMN7pr_SwtKX81cC9ZHmuLuL8PhubEhkYAwCJbdJXgfRa6uF44joFXeHzYp61kPaT3Jbpl7ADDmXelVfVzYOQrQ5AYpxFgOad-JT3WOo1L1g_dlltJXun8HOFPtYhdoWnA4fUo1Ju2IudOE4MvsSCOwPzDU-xiGId6sEhUYerW4MNXxmgveAJnScZ6-8OCqgY1iZ50hw5F4RYKJNT_HRKKiza7JTEVUZCYS6uHCivNzTsj8lDR5x3vewdj2dbp9vv-xYDb6siLlo3G4nZ13TZv0JeyZQHTKPT8movQh2Kvp31iXkd8IU9tu6f87JEvIGpU9yOjOnS1HesReWO6_X38x8tIkVDinlf9ACJT-eLGvP03W3OfRt-YIqPaBKm6Vh5SIwx_GWuWlHhvzs9y-661ON6zBPB8AhYy1rEAockJHUPn20Si4yWyQhmPnqMAI6eGZ3LuMf-7QTXZO5NLThHMA4pwFJiMH8Ode9Iw_AJTUoaHCC0GW4z52bbHTdt3WO2A708-GZttRb6Gj3E3nBg-pVc1eMhFCPGDH3QldbCUCjydVoWcvd7Pkr5qfspdDvGgudcvBLsOgOODfzkr2DM6Omi7Anf66KwurC-9F9GIkx9oTWHsPd5uwUBDN5710S1g7t-t_t0SUgaIiaKesyiwTLsOekumQQCTPmdJp8LQ3QOIC3EkqZfC4_2ziQ5dqCs6mSkOX9C9y2J1p1WYv5-i_X_UQViQae1UYOVL8L7vIvAt7M7MlK_8op-LLgqB36Z1X7GtKceT-4XtNLZrVSGniUJ9kyGR00MuFTnp1K9VLtk40xHeFBHpy00sdhhxvKbdA1JA3GPQJlxwh41WpBZGSEQqCJKZ0SYASGHU5JpYPzY5fLN6X8BJQ1kihMNuXF6okbW09vajcpEqdE04wdTn95qmihV5_OAjfqti9yVSsPWK6a97SdIpTgoDy6760XBu_AHNnn7lemvFcCw&cid=CAQSPADICaaNzXEldi0XlqnPUVQ-c7L-4acvjeXdTMVzX_nQbqVIoQyNti0SHcaHZcntfOw6_Ukz1bP5OsXbsxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&ds=l&xdt=1&iif=1&cor=5369717108827390000&adk=3690638929&idt=85&cac=0&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
47734
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 13:43:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame B722 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CR6my-ee6R8h2SYppOcStQAH-oBlpDribXv9Qz4s968twozc3645vnyGMGKDPKfv2mp-Q-AFofBQPOAvzVVizRtU6NWiCHvnBQ9-Bj3C5VQ7qCTNxvsl5ith4Lep--A8vP3KnI4dqVN8SBG7RqjRY9mvtqaD5_IJ-uNeUz1_p-lkX1ce0&dbm_d=AKAmf-BsL6104vMvyAfpDQvX8GgUuCHVQAggtKn7JNl29h52crCGZWCACOSS7ogBi7fzlPzK_GcXgrDOuQB1AscuHipJoZ4HOgAkwuAC27LDm5yikvsrpk_iJ2exQbWgJAVncGhf1HAbBjBenggwCN8ee_p2jVVNnnVufFjlUUXl0i9LGXHRRyks0Df2UFvK_cUSBOJ1_2jdgGpfW5MPuT4LULeJ6bv71FtQbJF12pxP7dyp2BFCrK4B_j1F0R6UWmtkA-eegfU0Thm07Hhtn5NrrpjSSP7Ns3rT5TCLbJx_UyEKez34JtpmcoBKynfi83kuRUqis5_IyfWKreHVniRYIUH2OGbBgmw6HOHSPmaFCZhIXqJetV_rjpYISr_F1wJhNHpAYXlhRPSb1Zkpgb14gtqxEvwZHSVRTfgDO_OVEBGKewhAdnwWa8YnB86g8pk-uyHBkeRHWZV3npyawDGmDElQBUCq0ycLXKBSX-Hr6-ldpP2Bm8hA-rOoVYglhiWL6tTe9q1-kuIwqd6nmu1k-Guoo5hFzvz60gt_IPHPGQO2atsPeJz-MIsAcPNt5J1I72I_OEdNCo_9PWeb8F92dfvEEqXm2MwG3Id84LDHH6h_qUf5N9lsmkXrUfdHttF9dJafmpGOaVp2tfWVORnR--4NmZG4TutbXJSASerzyPGAQQaBrVZ6ruTbNyuOWitgmTnDr0yymc4ZkDHOynCR0xtsjtK6ZL6EJZ4SqUJbgd5_1NDUlem7hU5saIb0xlsCGEjTZOsxhlsmh6N366WkRlfTP68IyMQ7AQq2-nIOsJhl2ZtCd_MBWGwus2xNSV4FH2ocCYsNvu_lT6Oqk6J6wU4SgsTyPTVdT6NKiPT1ZlI8Y1kHWHVFg5btwkOn-bXPsIlVQ80yFKMAKo6dGQHm12NHXm4DLm6rfOsFvtYjXxpOIxJpPxZpp_R_KQb1mFX4kZ977DoDHW2QEYd4dHeJg0wVVYjbnX8F69StTGh85XqXDXZL-kiVJALfBmQXp_bYDCpQ6rNrXfxWOdp7gmFxsjj896C7EOQzrgCEUl3EQNBVX3GjE_HOCnqqsI9maiyHIwO4CDkXItGzdcjtL07CUIlntZDN6dnehRl5rbfrnq9CfzXxdom5MLnxemnVeIu1BQYjIoIBrwKLt4ffA0suXoFoRqM5ZVRE8WPCZxTjPa_T79AGnQt_xxBSW17d8rUriSX4LHvZyL6kENWwHEyaR89iedCWkqCn_dQaL5QoRqH2qVzU_EibMfGNyyosfKDcl3-757km-81w9MqPVwMpEz_LwQdVyyLGjlyehZ7KpmcCcsmWSocpJgz6WWQ8WHHkpmZK7J2YiINaGsvRiTK8b5uOhPvNu0E_gM5Hm5AD2WCwJErWoGhG1GP6oq7leiNByfGgdmYTNo6f8Ii2uBQXd99L6TYH8Ctztejqj-WhWzobUzxFyAhrc4N5iY5_n6asAiyjP6A9VyVKt8itV2WIM1tkOXIJmjcXlFILhyl1b4ZzazxBWO_8f9ZTdhkqS2budG7j8KZsHAPF_WcZmVMbDs8T75jfatcYt3B1OugXKtCkKliVs6trDjJXm6DePoOJYUbNBO4sTdckOxXYFyVRrIIeaIfnCJ7Ta0K7nLnz94V6ZJTsbtoKsHsqp8r7zqRwnoyFus-dbuqPDZkFRliaT0DzcffVLhhoz24641QL5EX573BLTapLHXJz8EBkI-HuqxT8Gnkr5Bztq_qDitG2fDnYpIiR2EI4OVhlE91_XBETyT7lK5Kr7HRTKB0ubO2gq5WMERREErp2C07a9od5iRUWJzU0xzeQhz_CzkgmfSqOLPdZ-1ywDpcyfrkg8s5nXCveZd8_BtLcvsqqVxQXeCcAMikulgb_tleVjSL0moHq6wZM1GpgYoWF9oq4Iz4zgK033k57Wirqmy-L4CLGLFF29mIV_7-miTefc0-EyL10H95Xcy9vtts3zLSb2omzQjL786lSh5L6jgz1gbm0cAHMAAEvFSUC-7X1vXFABUcyOVs5DGdam6IgRkyyl74xT0CdcFuefCXGNgKHsEJuKbwTiOhubMv-6m72RYSFGvRdbMBx02lEWEJ3X_PFQBtEZZNhy6zXLdHxY7EEdPAMB_nJr-Exkbl5x3y257hWWfSFS3qqTfqmMHZquxceNS8K3AFd_3nztUHPVMF93tDCY4FVlCEcXHSYBtwijR5vK1_aVlVnaf3q4QNgj-qJk5I5rljMqUeEVnosYdJcX7FbbY-eQPAbCqnXOriRf7x4OGJVp7K2fdYxuXgJtvyRsWL4WvSd8Qt0HCwYSrcXfqucCk4uXzDYI-BEvV73N6IVV1Cx4AjbysagKYLWH4NJrTX2i2wh8MLOO1vfGKZ3Sm47q7hB9HuOirA3k-aFl0KpQCIMsiaZackmmfGOSvsbu4YrGAPM_WcnuVx48KHL4T5eqTZcau8aYFYOFDsRVycTjWB-ezS_svOzz3a-tAqPVWSnwgZG2_3PInp3O43PKEHUN0gAb_bpFV0RUQfHxkOv_M7SkSgNTb-HkQtiP7IMilJgiHYAgP_BIE4Z40nb8XfQYVNmTQP9cDwWDSUdI6LaCV-X6L2ZfSDswj3-cwC_kDh6Uz-cqPAPo5QgGJvaV7jscLGyiMDpNXNYn1T7pGGbylRYQvo69AlREat-tGk14oEnXtJvFLC7NkHTJStr4HkuN-qnm4FV7BhDpumb02uBQNeNCgPrmpryXmcUbeCSfT78M4zFQ2IQY6WAIc1lCLUCabU6YQC5xR_tDoQakp-7W4LdEC26FCb_DUv9VtuluKga3MjMEcc5zYyxyVJATpWcdEFpetaxbcV5eim3aHU4NQAOJ1yMFNH_pA26qz-qYOd2l1BtTs3Kw2SwLWUqUS-ZO4tOOAbMVLbxPsDMN7pr_SwtKX81cC9ZHmuLuL8PhubEhkYAwCJbdJXgfRa6uF44joFXeHzYp61kPaT3Jbpl7ADDmXelVfVzYOQrQ5AYpxFgOad-JT3WOo1L1g_dlltJXun8HOFPtYhdoWnA4fUo1Ju2IudOE4MvsSCOwPzDU-xiGId6sEhUYerW4MNXxmgveAJnScZ6-8OCqgY1iZ50hw5F4RYKJNT_HRKKiza7JTEVUZCYS6uHCivNzTsj8lDR5x3vewdj2dbp9vv-xYDb6siLlo3G4nZ13TZv0JeyZQHTKPT8movQh2Kvp31iXkd8IU9tu6f87JEvIGpU9yOjOnS1HesReWO6_X38x8tIkVDinlf9ACJT-eLGvP03W3OfRt-YIqPaBKm6Vh5SIwx_GWuWlHhvzs9y-661ON6zBPB8AhYy1rEAockJHUPn20Si4yWyQhmPnqMAI6eGZ3LuMf-7QTXZO5NLThHMA4pwFJiMH8Ode9Iw_AJTUoaHCC0GW4z52bbHTdt3WO2A708-GZttRb6Gj3E3nBg-pVc1eMhFCPGDH3QldbCUCjydVoWcvd7Pkr5qfspdDvGgudcvBLsOgOODfzkr2DM6Omi7Anf66KwurC-9F9GIkx9oTWHsPd5uwUBDN5710S1g7t-t_t0SUgaIiaKesyiwTLsOekumQQCTPmdJp8LQ3QOIC3EkqZfC4_2ziQ5dqCs6mSkOX9C9y2J1p1WYv5-i_X_UQViQae1UYOVL8L7vIvAt7M7MlK_8op-LLgqB36Z1X7GtKceT-4XtNLZrVSGniUJ9kyGR00MuFTnp1K9VLtk40xHeFBHpy00sdhhxvKbdA1JA3GPQJlxwh41WpBZGSEQqCJKZ0SYASGHU5JpYPzY5fLN6X8BJQ1kihMNuXF6okbW09vajcpEqdE04wdTn95qmihV5_OAjfqti9yVSsPWK6a97SdIpTgoDy6760XBu_AHNnn7lemvFcCw&cid=CAQSPADICaaNzXEldi0XlqnPUVQ-c7L-4acvjeXdTMVzX_nQbqVIoQyNti0SHcaHZcntfOw6_Ukz1bP5OsXbsxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&ds=l&xdt=1&iif=1&cor=5369717108827390000&adk=3690638929&idt=85&cac=0&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
46926
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 13:57:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B722 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
417662
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 06:58:24 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6F94 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68641
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Wed, 11 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B722 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
758bb6b7d9d7db5513a1624d7ef78b2a7b2a4686e31f4dc2a9b71bd991f1c3ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
im02.jpg
s0.2mdn.net/sadbundle/3465022879399501747/images/ Frame FC5F 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3465022879399501747/images/im02.jpg
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
316ce5814490d1f05570902695f20386422fd6147803fe01e39d7cea076a712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3465022879399501747/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 22:00:27 GMT
x-content-type-options
nosniff
age
17939
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62748
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 12:49:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Oct 2024 22:00:27 GMT
rar
as.ad4m.at/ad/ Frame 9ED5 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=23576%2C19769%2C482267&b=bQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23RE%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=32MFpf4fZrZU7HrHAtXC997fPSWTK3XCArQe%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=0366c6edd6b4a66b06162feceb6aa7eb%2F3930020296077906379&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993166013&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghkd2jyd6hyaqsq7rvdpmazd3e1b6trgmc1j5rwy693ykyhxm8rb4q6asr8s7vbcay12dtmqfez6cwkjcza2yja9hv9w9cvsebyzb3f7mbmapc9q85c1wtxbyaz38vazs6j8372yr7zenb0rpgzt42fegh6b54ty17ckvf4ese6jab8c1vayxqpv8a3crrwkeyms6qe93ww1p61ddava44ynkkaept08s5dn2k06zkf452f4e2nnktvpcx2882nc2wxpqtpfwxdmw7wnvgvx1mnq8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84ac8bfd3ce05d23614cf45cee2f143da008d56720e1055abe9cf64720386eac
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gyvfq4t6hy68pqys6rrxf1j7zcpfgy6z7z6ps96vnek9zrbv4m09610kgr3dq5yx3e7cv2jp6h57m7t8pp8b1gq711m9b7832py9ezdev4szeh25zq2b6j2hg7p0gv8ehp3nchv9jge3jp0sxtzep8t62rbr688jeb962834x2033z1wynn3hjvf44xbn85rv50bzqt3qb6mn5ac26dr77btjdw85x2pxa8cck5svxrek2mrsxbbmn7x47frefbew2wxw0qkxbh8d5x24y6z6mcfw67nwy5nb5qh21pvhq9gw40m9m789r910h2p12wk9ce1v9fe4dvsy48qcx9sy6knzpxjas8pcqhefvj2eqmr0c8a41q6tse6brzr1mc3w2r5492pvmqv8gqd0mc8ff12f9fja7dnhemwp1saq7015yxekgcmn46p47975sbngd126zzst5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%26client%3Dca-pub-7968146525597976%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8143d8d839d13a92-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:26 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
index.html
s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/ Frame F386 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
710a17af69e924b49918d0eb90b55214d82d1e33b252db1b84786d39fe311303
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3857
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:26 GMT
expires
Thu, 10 Oct 2024 02:59:26 GMT
last-modified
Tue, 31 Jan 2023 10:32:29 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B722 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssqFR3ibhzIFQYxH90fDYR8Wa7X76JzprEKE_jJ6SvRXPPQ8rbLNHML9Lv-p9Pjb0sqMIzhd3s8ffODAmJtOlSpzNj6l-MsKZc_aUWms7W0BDvEK-OOF-sLIO8axkCBOxLxg6osx5HeenjQNzP8-3PXJFsA6PUFXOfKAQOSf-7sOL20xn1u487T7O_aAw4by_DPmr1LEo2yCrwqXL0uxm3QkMTmb8zF-rD2sgxxQLKHaDAfsQU2xsy1sDmvotpoVSaAdaCWX30o0jKnegZqHNMN-4E-Gzfe7z2JOmM7wp4Cv33FQjuLFkbVRpKUJkI6rjIG7uh4-kPJJ-39gtftabvbujEyWH4PXGvnqkY72nup3YD_cFqv6yygxnOrLjycB2GaZKZyArI9glGdQ2wke9AIDwT1RXVhmfp01Fr_VrCTda5UyFsNz99WgybFkJSEfM1CE8AxuJ8zqWdJXsmByamjtDblH9VXn-oXngU34hDYB5xEfbnVWzKQcKHZgT_Cm34FG-Y4C9M3u3g7eLf_oaBuzkSoGHYW84KUiCiAycRlQAjFoQXK1OmICsZrrTmtxvaM78XQUEWGM1dfGrpjbT_XL0qOqpkSYnkvQDrtGSb-28Z3XATyGmcXsAZZRw2rRX9cFzgHE6dW0DF8M0hinw-p7AkcHbr0iR2mNnW_5_NIfLen11UTJI13WHT09ggky3GWnninOqXCPUli-zG6Cj506h9gSPMGQrTT-Obi_AwAQqN_jQ6dtmbyo3c3f0Dk5rC1y50ZZc8abwkL0kPNdMPt-GJZEieZu3EJ62ZdabQQBtgq4YU2R6Z_9QqC0P1w8OXMhm9IdbFh45AoKP3iBvBgf9UM9zu16gR_zzxMb5IWNLI4dDX0Gntqfkz2Gzb21SylHTNP0nbHq3K5SZtTvxw05kihzff0ymYcGJ--LZ_f4MGAtXxc60Z9QUJ2gBgSTI2p2Cy0flw06Ph7fWV8ILvT5kPrj13Jl-HHTsQlvHlFsb2WlFA1xgoQkCdAa9j7oRq3ldrv6zbHE4lssVFJ_WpC95yn5WJELPV5PAHxJmRFUI7-piWT3PabKG5BEqrz3oWwNEMn7xpHgDSBgGf-kkucZL4kZ2Rl687MMVBGqp6miB037ia3RxeLHKoBYiOKD9mKnnj-CSfXSK_h7rfBR0PDByGmn0Hr26t9I0gj_RIYRMRYM2iGjJsASyOnikkyjyT5xck9VcgpUgQ4gl6AnmlffKJAAE0gRbEbmo7X3pws3T9IA4c1wLK36avyt2U6G6fG-vAZiUcJm38Caycb7GTKYczxavaZu8Oxd6_OKngcAyAer8inYsCPWSe0-3k5T4LYDXAHUXGb6C9hBTSFTuLPYQ&sai=AMfl-YQnAfXwcQQGvsRzAthx8laKITC3LQlfHQBUlKA8U-9PHTSkdapl1jdKag2buGGtnXHnrB6Nj2bcm7-dHxEQVHHf8N9hvFYzswoqw7YfVIGmwoGj4EG0SZF88Y-MWn2qwI93PcaiHfoKf7p3ACA1CHOPk6qybpzq4Mg829YsNrsi0IQ58OjWoVqlRdL5PoCjkG8Gb9pUZt4L70IvXBoL7QkYGcuCrVpMLY_7RpEEVOk71bAcvtP4EQ7FGM4BCxf29ggJtes&sig=Cg0ArKJSzGdqi_EEO5tQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=193&cbvp=1&cstd=165&cisv=r20231004.71529&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 11 Oct 2023 02:59:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame 6F94 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELi3odLWnSZesYvMTrautHM&google_cver=1&google_push=AXcoOmQ0SWCaEBqwzm8cCxEeaTYscIhpNOkg8JtSpRc0LblkxHqL7GLMGxkAerxemm7Y8kWJ3-gcnuDrKIpIOPhQGaIHpnaFHcTe
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 6F94
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPlqDtvL9QZlhOvb5HnJRFI&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dXU1VE9hcWUxUVFwcnQ1&google_gid=CAESEPlqDtvL9QZlhOvb5HnJRFI&google_cver=1&google_push=AXcoOmTOxogODmYTOm5lqg_ancRHJ7edWC-1O14PuBaSxcf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dXU1VE9hcWUxUVFwcnQ1&google_gid=CAESEPlqDtvL9QZlhOvb5HnJRFI&google_cver=1&google_push=AXcoOmTOxogODmYTOm5lqg_ancRHJ7edWC-1O14PuBaSxcfyMEordx44E8AXsJaGlc_ku7EKC2WSdq-OmS0mhq5eqzIn0-S6dCYZpQ
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 11 Oct 2023 02:59:25 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e647d20a74bb4317@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dXU1VE9hcWUxUVFwcnQ1&google_gid=CAESEPlqDtvL9QZlhOvb5HnJRFI&google_cver=1&google_push=AXcoOmTOxogODmYTOm5lqg_ancRHJ7edWC-1O14PuBaSxcfyMEordx44E8AXsJaGlc_ku7EKC2WSdq-OmS0mhq5eqzIn0-S6dCYZpQ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 6F94
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFbzWCMIqe52-3lNrE3lQxU&google_cver=1&google_push=AXcoOmReMUZq9EIa2bXOrDh9WTQMzS7BHYC5nas7C6yxUkL800G5w02dUAlODYsywn6SiQF7Yn-uE2Ea_roUoMI9G5K5ajlRkhIF&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFbzWCMIqe52-3lNrE3lQxU&google_cver=1&google_push=AXcoOmReMUZq9EIa2bXOrDh9WTQMzS7BHYC5nas7C6yxUkL800G5w02dUAlODYsywn6SiQF7Yn-uE2Ea_roUoMI9G5K5ajlRkhI...
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFbzWCMIqe52-3lNrE3lQxU&google_cver=1&google_push=AXcoOmReMUZq9EIa2bXOrDh9WTQMzS7BHYC5nas7C6yxUkL800G5w02dUAlODYsywn6SiQF7Yn-uE2Ea_roUoMI9G5K5ajlRkhIF&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmReMUZq9EIa2bXOrDh9WTQMzS7BHYC5nas7C6yxUkL800G5w02dUAlODYsywn6SiQF7Yn-uE2Ea_roUoMI9G5K5ajlRkhIF%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8143d8dc8bd09bc4-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
47
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFbzWCMIqe52-3lNrE3lQxU&google_cver=1&google_push=AXcoOmReMUZq9EIa2bXOrDh9WTQMzS7BHYC5nas7C6yxUkL800G5w02dUAlODYsywn6SiQF7Yn-uE2Ea_roUoMI9G5K5ajlRkhIF&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmReMUZq9EIa2bXOrDh9WTQMzS7BHYC5nas7C6yxUkL800G5w02dUAlODYsywn6SiQF7Yn-uE2Ea_roUoMI9G5K5ajlRkhIF%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8143d8dabb179bc4-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6F94
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAuzy5GN6Q5yC_sr_ghaELg&google_cver=1&google_push=AXcoOmRP1Cdp2THI5Ly3nJl-yymRg8Iyc5-uwYVXOSpIIigPgrfMC2vwK7mp9xPEY0owkkyQl92dp98V...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEzOTc0NTUwNzM5MzQyMjQ3NQ&google_push=AXcoOmRP1Cdp2THI5Ly3nJl-yymRg8Iyc5-uwYVXOSpIIigPgrfMC2vwK7mp9xPEY0owkkyQl92dp9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEzOTc0NTUwNzM5MzQyMjQ3NQ&google_push=AXcoOmRP1Cdp2THI5Ly3nJl-yymRg8Iyc5-uwYVXOSpIIigPgrfMC2vwK7mp9xPEY0owkkyQl92dp98Ve6hzBLjveWNtdoU1JlNkjQ
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEzOTc0NTUwNzM5MzQyMjQ3NQ&google_push=AXcoOmRP1Cdp2THI5Ly3nJl-yymRg8Iyc5-uwYVXOSpIIigPgrfMC2vwK7mp9xPEY0owkkyQl92dp98Ve6hzBLjveWNtdoU1JlNkjQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 6F94 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHuVR1S9A6FIY-fJIrk_N00&google_cver=1&google_push=AXcoOmRoawYQLISYLkagmZMxssg87BfBNmJ0OVS2f9Ke1NWpl0pd9D0CL3iEyx2GFgEWh7wT6TT1y665WRtmtIDmi9lq2r0dpgH56A
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 6F94
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEO-Ktk4ZBQv3HWdTum9N8zU&google_cver=1&google_push=AXcoOmTrqtbN0BXv82GMFoWeeQ6S4PMYjz5FC0WsmA4iVLeK_tDb4HioL5KpHYX_AEXIH9ZIE5bh5PekfvJ5Y2_9S...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEO-Ktk4ZBQv3HWdTum9N8zU&google_cver=1&google_push=AXcoOmTrqtbN0BXv82GMFoWeeQ6S4PMYjz5FC0WsmA4iVLeK_tDb4HioL5KpHYX_AEXIH9ZIE5bh5PekfvJ5Y2_9S...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTrqtbN0BXv82GMFoWeeQ6S4PMYjz5FC0WsmA4iVLeK_tDb4HioL5KpHYX_AEXIH9ZIE5bh5PekfvJ5Y2_9S08WB7RsOVmORA&google_hm=Hd0TqGZHZYxid7qHSH-R...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTrqtbN0BXv82GMFoWeeQ6S4PMYjz5FC0WsmA4iVLeK_tDb4HioL5KpHYX_AEXIH9ZIE5bh5PekfvJ5Y2_9S08WB7RsOVmORA&google_hm=Hd0TqGZHZYxid7qHSH-RIbwY
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 11 Oct 2023 02:59:26 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTrqtbN0BXv82GMFoWeeQ6S4PMYjz5FC0WsmA4iVLeK_tDb4HioL5KpHYX_AEXIH9ZIE5bh5PekfvJ5Y2_9S08WB7RsOVmORA&google_hm=Hd0TqGZHZYxid7qHSH-RIbwY
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 6F94
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=c01a8213-3375-4220-b2db-f6c6ed8cbdec&google_cver=1&google_gid=CAESEA_heDCuxIWROgcx_Y_kOrY&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=c01a8213-3375-4220-b2db-f6c6ed8cbdec&google_cver=1&google_gid=CAESEA_heDCuxIWROgcx_Y_kOrY&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQOx393Qt32XZX6WaMm0nJ3ecZevNrAE0rtcJqstjaq54nWnnv3bNDEG7D9sF26fznEOetVtNqRO3WCV8JM-P6L1RMN4CuC0xM&gdpr=${GDPR}
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=c01a8213-3375-4220-b2db-f6c6ed8cbdec&google_cver=1&google_gid=CAESEA_heDCuxIWROgcx_Y_kOrY&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQOx393Qt32XZX6WaMm0nJ3ecZevNrAE0rtcJqstjaq54nWnnv3bNDEG7D9sF26fznEOetVtNqRO3WCV8JM-P6L1RMN4CuC0xM&gdpr=${GDPR}
date
Wed, 11 Oct 2023 02:59:26 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 6F94 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LE23qL-0lR-49Hgiv7FB0XX0KO0AgLq_FVWA0lYaH_Y0xt20bHsI-fypEJEYqvEJwaeSe-pQ
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C694 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
479394
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 13:49:32 GMT
expires
Fri, 04 Oct 2024 13:49:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
im03.jpg
s0.2mdn.net/sadbundle/3465022879399501747/images/ Frame FC5F 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3465022879399501747/images/im03.jpg
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc9e7694ab9dfc6cbecb37b32dd4f6dabdea66bf8df61194d35719f2b5cd00f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3465022879399501747/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 22:00:27 GMT
x-content-type-options
nosniff
age
17939
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67614
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 12:49:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Oct 2024 22:00:27 GMT
default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 9ED5 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C482267&b=bQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23RE%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=32MFpf4fZrZU7HrHAtXC997fPSWTK3XCArQe%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=0366c6edd6b4a66b06162feceb6aa7eb%2F3930020296077906379&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993166013&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghkd2jyd6hyaqsq7rvdpmazd3e1b6trgmc1j5rwy693ykyhxm8rb4q6asr8s7vbcay12dtmqfez6cwkjcza2yja9hv9w9cvsebyzb3f7mbmapc9q85c1wtxbyaz38vazs6j8372yr7zenb0rpgzt42fegh6b54ty17ckvf4ese6jab8c1vayxqpv8a3crrwkeyms6qe93ww1p61ddava44ynkkaept08s5dn2k06zkf452f4e2nnktvpcx2882nc2wxpqtpfwxdmw7wnvgvx1mnq8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=23576%2C19769%2C482267&b=bQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23RE%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=32MFpf4fZrZU7HrHAtXC997fPSWTK3XCArQe%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=0366c6edd6b4a66b06162feceb6aa7eb%2F3930020296077906379&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993166013&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghkd2jyd6hyaqsq7rvdpmazd3e1b6trgmc1j5rwy693ykyhxm8rb4q6asr8s7vbcay12dtmqfez6cwkjcza2yja9hv9w9cvsebyzb3f7mbmapc9q85c1wtxbyaz38vazs6j8372yr7zenb0rpgzt42fegh6b54ty17ckvf4ese6jab8c1vayxqpv8a3crrwkeyms6qe93ww1p61ddava44ynkkaept08s5dn2k06zkf452f4e2nnktvpcx2882nc2wxpqtpfwxdmw7wnvgvx1mnq8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1694166205
age
407371
cf-polished
origSize=118430
x-guploader-uploadid
ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Sep 2023 09:43:56 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
x-goog-generation
1694166236174866
content-type
text/css
x-goog-hash
crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siMia639qz625CxnFUOIWo%2Fd3V%2FCvt%2BLxjttw6wcaRsSuoCML29mLpxZEs9VyBY7FsPqYnohiKWEzUyvF42EpIfwDOQ0pWhO6nNJAbTQR6wFQaTX7%2FEtGR%2FhNY09s%2B%2BplIW5cRyNmsU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
118430
cf-ray
8143d8d8ea673a92-FRA
expires
Wed, 11 Oct 2023 03:59:26 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 9ED5 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C482267&b=bQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23RE%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=32MFpf4fZrZU7HrHAtXC997fPSWTK3XCArQe%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=0366c6edd6b4a66b06162feceb6aa7eb%2F3930020296077906379&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993166013&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghkd2jyd6hyaqsq7rvdpmazd3e1b6trgmc1j5rwy693ykyhxm8rb4q6asr8s7vbcay12dtmqfez6cwkjcza2yja9hv9w9cvsebyzb3f7mbmapc9q85c1wtxbyaz38vazs6j8372yr7zenb0rpgzt42fegh6b54ty17ckvf4ese6jab8c1vayxqpv8a3crrwkeyms6qe93ww1p61ddava44ynkkaept08s5dn2k06zkf452f4e2nnktvpcx2882nc2wxpqtpfwxdmw7wnvgvx1mnq8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1761798
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VefUqJ%2BYFcnzr9V%2Bf3GWCPoAZg0UlYG4ot3kWWM8B65dMobi62AVDdEyXze6u%2B%2BIAKw9xn2FAhfAgOjnMILFtdyFZ%2Bx%2FkUFIomKo0wl46b8pAQU7cHz7iBXxtOesSvLTKysTxmj3EJFbDUs%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8143d8d8fcd41911-FRA
expires
Thu, 12 Oct 2023 02:59:26 GMT
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 9ED5 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C482267&b=bQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23RE%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=32MFpf4fZrZU7HrHAtXC997fPSWTK3XCArQe%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=0366c6edd6b4a66b06162feceb6aa7eb%2F3930020296077906379&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993166013&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghkd2jyd6hyaqsq7rvdpmazd3e1b6trgmc1j5rwy693ykyhxm8rb4q6asr8s7vbcay12dtmqfez6cwkjcza2yja9hv9w9cvsebyzb3f7mbmapc9q85c1wtxbyaz38vazs6j8372yr7zenb0rpgzt42fegh6b54ty17ckvf4ese6jab8c1vayxqpv8a3crrwkeyms6qe93ww1p61ddava44ynkkaept08s5dn2k06zkf452f4e2nnktvpcx2882nc2wxpqtpfwxdmw7wnvgvx1mnq8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e031ee2b6307161e852ef731954de0f13930fb0c43596f11ce825aa6a0019a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
335930
cf-polished
degrade=85, origSize=132437, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
31747
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyRn%2F8YK9vkwDlfYEPYPRDv066mJJM2%2BZIgr3B%2Bs0Y%2F1oPsQOVMiOsLxZIOjwb4N%2FzFvcUAobxkx9qLhbCaBqbiwdkcx5SgIrWq7p17Ua%2ByJWMvvi4NPtgfgsVuSKZsS7Hol%2FHYhL8bUR8gL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8143d8d90cd71911-FRA
expires
Thu, 12 Oct 2023 02:59:26 GMT
/
partner.o2online.de/a/ Frame 9ED5
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CN2-g5eA7YEDFT3jEQgdQUQIQw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidbQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23REoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidbQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23REoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023101104592789569766385X120211V1226132702MSviewoneidbQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23REoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023101104592789569766385X120211V1226132702MSviewoneidbQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23REoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023101104592789569766385X120211V1226132702MSviewoneidbQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23REoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=120211&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C482267&b=bQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23RE%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=32MFpf4fZrZU7HrHAtXC997fPSWTK3XCArQe%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=0366c6edd6b4a66b06162feceb6aa7eb%2F3930020296077906379&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993166013&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghkd2jyd6hyaqsq7rvdpmazd3e1b6trgmc1j5rwy693ykyhxm8rb4q6asr8s7vbcay12dtmqfez6cwkjcza2yja9hv9w9cvsebyzb3f7mbmapc9q85c1wtxbyaz38vazs6j8372yr7zenb0rpgzt42fegh6b54ty17ckvf4ese6jab8c1vayxqpv8a3crrwkeyms6qe93ww1p61ddava44ynkkaept08s5dn2k06zkf452f4e2nnktvpcx2882nc2wxpqtpfwxdmw7wnvgvx1mnq8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 02:59:27 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023101104592789569766385X120211V1226132702MSviewoneidbQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23REoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023101104592789569766385X120211V1226132702MSviewoneidbQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23REoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=120211&partnerid=12218
date
Wed, 11 Oct 2023 02:59:27 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 9ED5 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C482267&b=bQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23RE%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=32MFpf4fZrZU7HrHAtXC997fPSWTK3XCArQe%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=0366c6edd6b4a66b06162feceb6aa7eb%2F3930020296077906379&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993166013&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghkd2jyd6hyaqsq7rvdpmazd3e1b6trgmc1j5rwy693ykyhxm8rb4q6asr8s7vbcay12dtmqfez6cwkjcza2yja9hv9w9cvsebyzb3f7mbmapc9q85c1wtxbyaz38vazs6j8372yr7zenb0rpgzt42fegh6b54ty17ckvf4ese6jab8c1vayxqpv8a3crrwkeyms6qe93ww1p61ddava44ynkkaept08s5dn2k06zkf452f4e2nnktvpcx2882nc2wxpqtpfwxdmw7wnvgvx1mnq8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1111682
cf-polished
origFmt=png, origSize=62828
alt-svc
h3=":443"; ma=86400
content-length
36446
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jg%2FvB9xTLoVkctWl%2BfsRcGbTV%2FZOy5dqz8MgVM425dWoYXRYMvgfjEnjPIZKQb5nuFBQWl%2ByoEdp%2FP9%2BJfFGw0eea0rm9ivFfSRA76VzIMcvE1UtHtUWwMfDqotuNLdeZgdtaxjP5DuTcw0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8143d8d91ce71911-FRA
expires
Thu, 12 Oct 2023 02:59:26 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 9ED5 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C482267&b=bQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23RE%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=32MFpf4fZrZU7HrHAtXC997fPSWTK3XCArQe%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=0366c6edd6b4a66b06162feceb6aa7eb%2F3930020296077906379&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993166013&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghkd2jyd6hyaqsq7rvdpmazd3e1b6trgmc1j5rwy693ykyhxm8rb4q6asr8s7vbcay12dtmqfez6cwkjcza2yja9hv9w9cvsebyzb3f7mbmapc9q85c1wtxbyaz38vazs6j8372yr7zenb0rpgzt42fegh6b54ty17ckvf4ese6jab8c1vayxqpv8a3crrwkeyms6qe93ww1p61ddava44ynkkaept08s5dn2k06zkf452f4e2nnktvpcx2882nc2wxpqtpfwxdmw7wnvgvx1mnq8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336636
cf-polished
qual=85, origFmt=jpeg, origSize=133780
alt-svc
h3=":443"; ma=86400
content-length
28740
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ij31ZtP%2Boqk6BvgWnCmG%2FMdqnPcgcPuNvDn6Q7UdDr6iRL9m5rkl%2Fu3DL1UJLFRI1vOeUBkkTFo5Br%2BgDPLj8z8if5%2BexRm9elg773EpDkrI%2FFkDIXpJp9IHn%2BHTid6VUCo981eLE1VXzX8"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8143d8d91ce91911-FRA
expires
Thu, 12 Oct 2023 02:59:26 GMT
cshow.php
www.awin1.com/ Frame 9ED5 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C482267&b=bQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23RE%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=32MFpf4fZrZU7HrHAtXC997fPSWTK3XCArQe%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=0366c6edd6b4a66b06162feceb6aa7eb%2F3930020296077906379&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993166013&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghkd2jyd6hyaqsq7rvdpmazd3e1b6trgmc1j5rwy693ykyhxm8rb4q6asr8s7vbcay12dtmqfez6cwkjcza2yja9hv9w9cvsebyzb3f7mbmapc9q85c1wtxbyaz38vazs6j8372yr7zenb0rpgzt42fegh6b54ty17ckvf4ese6jab8c1vayxqpv8a3crrwkeyms6qe93ww1p61ddava44ynkkaept08s5dn2k06zkf452f4e2nnktvpcx2882nc2wxpqtpfwxdmw7wnvgvx1mnq8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-218-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Oct 2023 02:59:26 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
1A3519435B93A8A4F3F6C13959D6951303D43C0A1C67EEC9C84723E6608D860AF870AF3D1E802C8E6A703FE15D4D810EB0CD13D3F6F07FB94916A320CEFB013B
assets.ad4m.at/logo/ Frame 9ED5 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/1A3519435B93A8A4F3F6C13959D6951303D43C0A1C67EEC9C84723E6608D860AF870AF3D1E802C8E6A703FE15D4D810EB0CD13D3F6F07FB94916A320CEFB013B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C482267&b=bQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23RE%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=32MFpf4fZrZU7HrHAtXC997fPSWTK3XCArQe%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=0366c6edd6b4a66b06162feceb6aa7eb%2F3930020296077906379&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993166013&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghkd2jyd6hyaqsq7rvdpmazd3e1b6trgmc1j5rwy693ykyhxm8rb4q6asr8s7vbcay12dtmqfez6cwkjcza2yja9hv9w9cvsebyzb3f7mbmapc9q85c1wtxbyaz38vazs6j8372yr7zenb0rpgzt42fegh6b54ty17ckvf4ese6jab8c1vayxqpv8a3crrwkeyms6qe93ww1p61ddava44ynkkaept08s5dn2k06zkf452f4e2nnktvpcx2882nc2wxpqtpfwxdmw7wnvgvx1mnq8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
898107a317921f1fe8f4784c2a5f9032dba634f89a2c5a31bdaa253206f19eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1993881
cf-polished
origFmt=png, origSize=155987
alt-svc
h3=":443"; ma=86400
content-length
97378
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 10:34:04 GMT
server
cloudflare
etag
"046c487317a4f122cc1e9773901d1d88"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ij9qZOhOxvNXkhiRgMYVyyb8%2FuEEQIVLYyj6x3fbmlQNIIU2139m8CH%2FaScuvORVqBq0sK1hZ2%2FwUbQ0C2phVuQCsRCa6F5U6O7%2BBRnFfDneRO7ou%2FGcC2c8SL6hHIn5xwhM8pJt1iPzj7OK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8143d8d91ceb1911-FRA
expires
Thu, 12 Oct 2023 02:59:26 GMT
F3A3B7992F041E027EDF5C55060530AEE4F74888194218BF68384A7CF45BCBCEFBE42F66E82D247734FE42733361C61FBF8347907D061895BF7BC8415B5E9D5B
assets.ad4m.at/ Frame 9ED5 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/F3A3B7992F041E027EDF5C55060530AEE4F74888194218BF68384A7CF45BCBCEFBE42F66E82D247734FE42733361C61FBF8347907D061895BF7BC8415B5E9D5B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C482267&b=bQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23RE%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=32MFpf4fZrZU7HrHAtXC997fPSWTK3XCArQe%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=0366c6edd6b4a66b06162feceb6aa7eb%2F3930020296077906379&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993166013&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghkd2jyd6hyaqsq7rvdpmazd3e1b6trgmc1j5rwy693ykyhxm8rb4q6asr8s7vbcay12dtmqfez6cwkjcza2yja9hv9w9cvsebyzb3f7mbmapc9q85c1wtxbyaz38vazs6j8372yr7zenb0rpgzt42fegh6b54ty17ckvf4ese6jab8c1vayxqpv8a3crrwkeyms6qe93ww1p61ddava44ynkkaept08s5dn2k06zkf452f4e2nnktvpcx2882nc2wxpqtpfwxdmw7wnvgvx1mnq8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c03e3b2943f699bc681b4449f737e96566128d62402914d631a6930bfc55106d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2367375
cf-polished
origFmt=png, origSize=167445
alt-svc
h3=":443"; ma=86400
content-length
99202
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 10:42:06 GMT
server
cloudflare
etag
"cdf0423881e134b37ad0cbff5572a8e7"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tL5UJg5frJoqZUV6rmuvONo8YXcRav8RXDi%2BgbFRkd4arcdLZEQgrBa%2FVDBrAGRAD%2BGtckU3HkLIK4cdAlSkQ%2BaySaV%2BgKQKaMg2W25X4%2BKiaExEG9x8bWYtYfch6JbZHHBqVedrcTCLblzS"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8143d8d91cec1911-FRA
expires
Thu, 12 Oct 2023 02:59:26 GMT
view
t.adcell.com/p/ Frame 9ED5 		42 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=309583&slotId=46690&pv=1&subId=oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C482267&b=bQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23RE%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=32MFpf4fZrZU7HrHAtXC997fPSWTK3XCArQe%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=0366c6edd6b4a66b06162feceb6aa7eb%2F3930020296077906379&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993166013&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghkd2jyd6hyaqsq7rvdpmazd3e1b6trgmc1j5rwy693ykyhxm8rb4q6asr8s7vbcay12dtmqfez6cwkjcza2yja9hv9w9cvsebyzb3f7mbmapc9q85c1wtxbyaz38vazs6j8372yr7zenb0rpgzt42fegh6b54ty17ckvf4ese6jab8c1vayxqpv8a3crrwkeyms6qe93ww1p61ddava44ynkkaept08s5dn2k06zkf452f4e2nnktvpcx2882nc2wxpqtpfwxdmw7wnvgvx1mnq8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkyeMjA8mZcCKO5mWjuwPi7SQiAiQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi03OTY4MTQ2NTI1NTk3OTc2yAEJqQJ6EN9mGMqxPuACAKgDAcgDAqoE_AFP0OKYCI0oPZQ4Vttg_BKaMMCpzcRGBPhQykywURfNqro51jEJxh3Z43ZmMaflTPfvya0BOUBgtE8mVbo63Z49sz-udeKJAkktkG8cwzCDf3TmYdfaREYoi4Wvax-bP5AC437d-Yhg4Qn7SJKkYcdaxdzR-uTEhf5aZ_pAgF_soBpjtTofHbtSdWeKK5F3TimyMu2ws6TY7In2ZfEwEtINJPLPiMUd194ePAgrU7OijDQ6xrc1W_fwGiTKDz5fkjtie44OgWpy-M_0LjWMq5apa7lA2nz9dRXCTaWpTmn3sUjD579RxZboBDy-4qeyKdawnyCbns6f8H5l2QvgBAGABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3nWG0mFxRViSLG5D3qbxpuQOKu4A%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
adlib.css
s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/ Frame F386 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/adlib.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbaec7fa8ba99605d0b49338344dda248bc8adf0c2204242f42005e8fcc7252a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 06:31:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
332861
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1918
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 10:32:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 06:31:45 GMT
adStyle.css
s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/ Frame F386 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/adStyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbfc849b3617cea6f53b02cdd7c9a3b2d0ea7c2bd1d44d0ad4f6c69e05500de1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 07:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
416838
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1104
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 10:32:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Oct 2024 07:12:08 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame F386 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 04:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80342
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 04:40:24 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F386 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 02:59:26 GMT
blackBG.png
s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/ Frame F386 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/blackBG.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eccf879a4497fe87c2b9e3c95648365f457b33daba057a4b172dd4b5ba059793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 08:01:18 GMT
x-content-type-options
nosniff
age
327488
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5124
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 10:32:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 08:01:18 GMT
whiteBG.png
s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/ Frame F386 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/whiteBG.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a98eff3ad8efbc7946ea27da0be267ace3f4f54b25195a5cc14c3375ba3e8ee7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 01:54:24 GMT
x-content-type-options
nosniff
age
349502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19900
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 10:32:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 01:54:24 GMT
DysonLogo_White.png
s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/ Frame F386 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/DysonLogo_White.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
810acd31b7ecd2d4620ecd26aab627950bc81a1773505ab199d0f605f4195a58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:37:02 GMT
x-content-type-options
nosniff
age
361344
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4344
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 10:32:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Oct 2024 22:37:02 GMT
DysonLogo_Black.png
s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/ Frame F386 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/DysonLogo_Black.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d768634a29c575842036df911561eaffe49035fac81e0c47a1fe09df13511c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 07:20:44 GMT
x-content-type-options
nosniff
age
416322
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4198
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 10:32:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Oct 2024 07:20:44 GMT
starRating.png
s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/ Frame F386 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/starRating.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d3ed1ff23eefc1603b609c5f8175919a332e3067f587556ed59f0c535a0e5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 06:20:05 GMT
x-content-type-options
nosniff
age
333561
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6183
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 10:32:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 06:20:05 GMT
black_arrow.png
s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/ Frame F386 		570 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/black_arrow.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cac16cf52dd483289d5ee5398fc828417e0cc977d4b7f3c46d7bef862b14c39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 10:43:02 GMT
x-content-type-options
nosniff
age
404184
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
570
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 10:32:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Oct 2024 10:43:02 GMT
textFit.js
s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/ Frame F386 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/textFit.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 08:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
327488
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2875
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 10:32:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 08:01:18 GMT
adlibUtils-v3.js
s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/ Frame F386 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/adlibUtils-v3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aefdb07258782fc3aa84dc518ab2052e5b1dad3405867fb1f9d65f816b03c12a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 12:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310568
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10802
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 10:32:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 12:43:18 GMT
animation.js
s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/ Frame F386 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91bfe6adcf3a1a7ed851e490ea5fcb81900e39bbe61f8a666a880b50d6051ae0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 18:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
460988
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1143
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 10:32:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Oct 2024 18:56:18 GMT
utmParser.js
s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/ Frame F386 		2 KB
506 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/utmParser.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d29c378c2d12029d2022a158ed3ea4c7fd631faffef3da186c77d1d215cd8967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 16:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124440
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
472
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 10:32:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 16:25:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 105D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXxU2jQ8mZdLgDfO59u8Pma2ByAkAAAAAOAHgBAI&bg=!IyClIG_NAAYMG8UMLBs7ADQBe5WfOLcJnd_XsqWtWdGDDks-6HAMBa1xDCbqTkD5oT_Pmek8_4G5e6_a5BB2ROvFAzvsAgAAAZZSAAAAKGgBBwoAGScFTNnAqZERu-Wv62UkV8GjYJBvhRr7RuiZAvr88ggQ8z6FNOOx7kunCm075Vt1waH4gQDRDOc3NWAdD_xTgndLr5jQWfZBOsFR9viLA2Ai3VBtuZroHQYaBAYwi00ypedoUzRKlY9yVuSrAdk8bRB9SNyYLF4JxprS_eMlo0q5Qs2ImqvfgqgBPsBWrq_yN4vFRDMyb4D6MjEO4v7_ZvBsU7NOdcVxdU-HafKxbSd9D1ekFie8VB9r_bRpEuv1IaoCev4Uw_I3Ey9OgJs3tNVg0d901hxrKW4tXjvRKmZSKJ7K_pLExryUt_lcGkWVCIEAp1Iwt6U8YY59NssCJTkLxylB3XxwieiKKOmmC1SlFDFrURE8hiEyPMRJaZZpALJmFtBDtLsSNc9Gp7qzVB27hRWfVYpqzooTGWo3XLsGHcKyvNz57W6B_vWlvejZe0hLOJuECn25aN-Bwk6Dppjnn-Dba2XX44Z3vjuIgX8YeJyLlXQCwOGFqxQv53ogOTuHuh5pPFyB4bux9hlj9TLTsZfizPZL-vToXuILMR8dwCYHhoNB9Z9znQLymcOyAx_2h3rcmeiwsrq-Pxqgn1SI_wEO9JLwtLKv65h1RMWXOJlzuQlGgRoLq61G7iHMTcr2t_enwVSEzSP1_G4cJ8N17YTdD7CDEs4WuKqLxJsTFWkSpMKdbtOF0LWIf7ZbqAYSnkwzFqwdcpNHIndC8zLEYt-DIiGCiQIsrDwJd4658Hkpnz31f3jBqNGq79gNsAM10wAHg25-AbDvLwUSHXY7FgkQA_oEgAScbEpkvgH-9kUl1kbAMuWsY5YVqVcbSPl8WAsY5hYS2JmBdqcLY7wFhgs-S08OpWW5vsxC9RVchyFlmKLiNGU_2F1sBMPPghxc_LhHe1BbBT10BBWFv078a7n0v4yMOHEPVzTgm3Ltt_JmpEr2K8ZcpKHzq9NglwJo3uiK1FAEAxbg_sfU9gWdJkqYMLJojm6hpC1Ju_zEbSKRn3OcMhyXR2bJzktzNjUfLkfvqkFDO3maG1TT-fQZTaafzw4
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012309290141000/ Frame FF4A 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
35139
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56111
x-xss-protection
0
server
sffe
etag
"196a98f213e9af2a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame FF4A 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
35139
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5226
x-xss-protection
0
server
sffe
etag
"b67abf1ac5d05c62"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame FF4A 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
35139
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29036
x-xss-protection
0
server
sffe
etag
"f80aeafaeae93075"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame FF4A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
35139
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1915
x-xss-protection
0
server
sffe
etag
"5fa0b581892e5d76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame FF4A 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
35139
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"f431afcc9b21c868"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
truncated
/ Frame FF4A 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8dec218b2d0cebdd628b430486ad41be61b9d14393faa4310816f27e7fc46703

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
6214744760948570636
tpc.googlesyndication.com/simgad/ Frame FF4A 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6214744760948570636?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn5CinD7T3zHiWDATzYKP82TLzBzQ
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01c9b002357c501ff1918ac4123df85dfa2e6fdd0e6968d54dd1b62a08dda71d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:09:02 GMT
x-content-type-options
nosniff
age
597024
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21710
x-xss-protection
0
last-modified
Fri, 14 Oct 2022 15:21:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 03 Oct 2024 05:09:02 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FF4A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 07:36:17 GMT
x-content-type-options
nosniff
server
cafe
age
69789
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Wed, 11 Oct 2023 07:36:17 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FF4A 		344 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 06:58:21 GMT
x-content-type-options
nosniff
server
cafe
age
72065
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 11 Oct 2023 06:58:21 GMT
l
www.google.com/ads/measurement/ Frame FF4A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQbGwmd_hd8ioF08TLRc3oH3dhf9Logv1P7ioBJxhaIcTjZ-MSOV8pH4oPS60uioxnuwJbFsntJqp8vG0XGEHxbg4azaw
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
legal.png
s0.2mdn.net/sadbundle/3465022879399501747/images/ Frame FC5F 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3465022879399501747/images/legal.png
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
579fcceb4d2fc98f5fa05b85af39bf03e17375496a2095e3a94ec55405757416
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3465022879399501747/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 22:00:28 GMT
x-content-type-options
nosniff
age
17938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37639
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 12:49:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Oct 2024 22:00:28 GMT
bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
pagead2.googlesyndication.com/bg/ Frame C694 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 07:37:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
501731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 07:37:15 GMT
4.js
static.adsafeprotected.com/ Frame B722
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1291251/67826871/4.js?ias_dspID=3&ias_campId=1010179150&ias_pubId=pub-7968146525597976&ias_chanId=1&ias_placementId=19226434042&bidurl=https://dacota.tw/blog/p...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_jQ8mZbaeNNjCx_AP5dKDmA4&cbFunctionName=goog_wrapCb_jQ8mZbaeNNjCx_AP5dKDmA4&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_jQ8mZbaeNNjCx_AP5dKDmA4&cbFunctionName=goog_wrapCb_jQ8mZbaeNNjCx_AP5dKDmA4&true_pb=
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:c800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
date
Sun, 08 Oct 2023 04:44:45 GMT
x-amz-cf-pop
FRA56-P5
age
252882
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
9vvY0fWtAJHzY6abUMMqJfPyLDg1YRbnqf-PJ-nUtOFH0LWqNFsXAw==

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
server
nginx
x-server-name
app07.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_jQ8mZbaeNNjCx_AP5dKDmA4&cbFunctionName=goog_wrapCb_jQ8mZbaeNNjCx_AP5dKDmA4&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame CB0B 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:c800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1738216
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
8cEHszen4dMZ-PnrnV7y7ShcMSuYTahUL0GeG8Cmj3Bhfc4QxUzCSA==
65f83b54b5ef87a67c83759c48c29205.min.js
brain.adbot.tw/js/cfg/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://brain.adbot.tw/js/cfg/65f83b54b5ef87a67c83759c48c29205.min.js
Requested by
Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/bootstrap.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.137.103 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.137.199.104.bc.googleusercontent.com
Software
/
Resource Hash
49f1b76fba70b4c734908e2bde1db752ff83c60771843a03063952c1849ebaff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 02:59:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Jul 2023 09:00:32 GMT
ETag
W/"64afbd30-9d7"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
keep-alive
Expires
Wed, 11 Oct 2023 03:59:26 GMT
dt
dt.adsafeprotected.com/ Frame B722 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1291251&asId=e3b0a2d4-5799-3433-78a0-37ac6b6a10b7&tv=%7Bc:qHJ1sz,pingTime:-3,time:107,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:35%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:108,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:35,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B99~0%5D,as:%5B99~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSlknTK+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b11%7C1b12%7C1b2%7C1c*.1291251-67826871%7C1c1%7C1c2%7C1c3%7C1c4%7C1d,idMap:1c*,rmeas:1,rend:0,renddet:na,siq:38%7D&br=c
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:a723:103f:3bdb:6540 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B722 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1291251&asId=e3b0a2d4-5799-3433-78a0-37ac6b6a10b7&tv=%7Bc:qHJ1sF,pingTime:-6,time:113,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:35,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B104~0%5D,as:%5B104~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSlknTK+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b11%7C1b12%7C1b2%7C1c*.1291251-67826871%7C1c1%7C1c2%7C1c3%7C1c4%7C1d,idMap:1c*,rmeas:1,rend:0,renddet:na,siq:38%7D&tpiLookup=ao:dacota.tw*&br=c
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:a723:103f:3bdb:6540 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
logo.png
s0.2mdn.net/sadbundle/3465022879399501747/images/ Frame FC5F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3465022879399501747/images/logo.png
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6712089206b5241b4f3d932069b02da04631a9fff325bd1cd32b078af9ca8c56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3465022879399501747/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 22:00:28 GMT
x-content-type-options
nosniff
age
17938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6316
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 12:49:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Oct 2024 22:00:28 GMT
dt
dt.adsafeprotected.com/ Frame B722 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1291251&asId=e3b0a2d4-5799-3433-78a0-37ac6b6a10b7&tv=%7Bc:qHJ1sP,pingTime:-2,time:123,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:759,beZ:761,mfA:764,cmA:766,inA:766,inZ:770,prA:771,prZ:787,si:796,poA:798,poZ:830,cmZ:830,mfZ:830,loA:871,loZ:875,ltA:882,ltZ:882%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:35%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:123,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:35,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B114~0%5D,as:%5B114~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSlknTK+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b11%7C1b12%7C1b2%7C1c*.1291251-67826871%7C1c1%7C1c2%7C1c3%7C1c4%7C1d,idMap:1c*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:38,sinceFw:84,readyFired:true%7D&br=c
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:a723:103f:3bdb:6540 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/getconfig/ Frame F386 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a7ce8ae0b9b456213f9bebc68c88a5f33166529a46c5fcf1bb6834b3b425c88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5801
x-xss-protection
0
container.html
88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DAC4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090201/pubads_impl.js?cb=31078709
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dacota.tw/blog/post/antdownload-2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:23 GMT
expires
Thu, 10 Oct 2024 02:59:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dr
as.ad4m.at/ad/ Frame 97E4 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kmt80fe61y6h3scfhn23wytzrq9e6v0wh88187em5ccjazs0sz6552xtkhxfcpxpctafd8j6reg7p4scew9ps23ybkd8hfssm8f5a3et0mws1wb700wa0hx97c0c0fsqq9w8b60qhp5czz88g43mmb4vb7esc42pyh2jm2fn8mjzeshgxbtgj0kyatmcsmhkcfc1bg51a2qysbedxa0p82k0tjk3m86wsq5jkht670gnmytwf9kssh7d4xd6tn6d6jcaebx0varq0w3rnzkz7pj3gwt6pvp1rjmgv9s2jaj1ycynwaeepr1y09ky5e8b8r59mbb5t5hs176vjny7bahjf6cnyfv9xm7tfrzzadnfwv1xx0c8spbnmcg19s7g2yef0vsdrzyvt2qe5e4kx1gm6ftjgd6fatf54mpw87ncr06y87tefpvbvy8cj51x10fd7fekeb0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%26client%3Dca-pub-7968146525597976%26adurl%3D
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8099c9a29e898dd787bc4b9d844cb0671b65d3d9cd919e0a694f8f40fd3968bc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8143d8dbfbf63a92-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:26 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame DAC4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 16:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 16:17:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3544 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68641
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Wed, 11 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame DAC4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
48346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 13:33:40 GMT
l
www.google.com/ads/measurement/ Frame DAC4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS26IGn9_VC4ABXBDh3UuQMjYcpoT-JdxrJCADYvmbTudoDfhghJxmerIAUxxDv2EgSaL2cdOThhLgtpDsLGOZwfkq4-Q
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DAC4 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
419117
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 05 Oct 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DAC4 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696851335058330"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:59:26 GMT
default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 97E4 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kmt80fe61y6h3scfhn23wytzrq9e6v0wh88187em5ccjazs0sz6552xtkhxfcpxpctafd8j6reg7p4scew9ps23ybkd8hfssm8f5a3et0mws1wb700wa0hx97c0c0fsqq9w8b60qhp5czz88g43mmb4vb7esc42pyh2jm2fn8mjzeshgxbtgj0kyatmcsmhkcfc1bg51a2qysbedxa0p82k0tjk3m86wsq5jkht670gnmytwf9kssh7d4xd6tn6d6jcaebx0varq0w3rnzkz7pj3gwt6pvp1rjmgv9s2jaj1ycynwaeepr1y09ky5e8b8r59mbb5t5hs176vjny7bahjf6cnyfv9xm7tfrzzadnfwv1xx0c8spbnmcg19s7g2yef0vsdrzyvt2qe5e4kx1gm6ftjgd6fatf54mpw87ncr06y87tefpvbvy8cj51x10fd7fekeb0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%26client%3Dca-pub-7968146525597976%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kmt80fe61y6h3scfhn23wytzrq9e6v0wh88187em5ccjazs0sz6552xtkhxfcpxpctafd8j6reg7p4scew9ps23ybkd8hfssm8f5a3et0mws1wb700wa0hx97c0c0fsqq9w8b60qhp5czz88g43mmb4vb7esc42pyh2jm2fn8mjzeshgxbtgj0kyatmcsmhkcfc1bg51a2qysbedxa0p82k0tjk3m86wsq5jkht670gnmytwf9kssh7d4xd6tn6d6jcaebx0varq0w3rnzkz7pj3gwt6pvp1rjmgv9s2jaj1ycynwaeepr1y09ky5e8b8r59mbb5t5hs176vjny7bahjf6cnyfv9xm7tfrzzadnfwv1xx0c8spbnmcg19s7g2yef0vsdrzyvt2qe5e4kx1gm6ftjgd6fatf54mpw87ncr06y87tefpvbvy8cj51x10fd7fekeb0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%26client%3Dca-pub-7968146525597976%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1694166205
age
407371
cf-polished
origSize=118430
x-guploader-uploadid
ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Sep 2023 09:43:56 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
x-goog-generation
1694166236174866
content-type
text/css
x-goog-hash
crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKwWRe1895ZJbBSUxxWAIKMxPBUb38bcP4U9Vd7wOKPA5DMak2H0yScMCasTMbd%2Boj%2FH8IY%2Frk5tUYX66U3lYravPo6e3O9iqdAP%2FJtAbrAHVNWFyIH1B%2F3INaCuAeBmsjWZPe8kyeI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
118430
cf-ray
8143d8dcfc813a92-FRA
expires
Wed, 11 Oct 2023 03:59:26 GMT
r62eglto.js
ad4m.at/ Frame 97E4 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kmt80fe61y6h3scfhn23wytzrq9e6v0wh88187em5ccjazs0sz6552xtkhxfcpxpctafd8j6reg7p4scew9ps23ybkd8hfssm8f5a3et0mws1wb700wa0hx97c0c0fsqq9w8b60qhp5czz88g43mmb4vb7esc42pyh2jm2fn8mjzeshgxbtgj0kyatmcsmhkcfc1bg51a2qysbedxa0p82k0tjk3m86wsq5jkht670gnmytwf9kssh7d4xd6tn6d6jcaebx0varq0w3rnzkz7pj3gwt6pvp1rjmgv9s2jaj1ycynwaeepr1y09ky5e8b8r59mbb5t5hs176vjny7bahjf6cnyfv9xm7tfrzzadnfwv1xx0c8spbnmcg19s7g2yef0vsdrzyvt2qe5e4kx1gm6ftjgd6fatf54mpw87ncr06y87tefpvbvy8cj51x10fd7fekeb0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%26client%3Dca-pub-7968146525597976%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
37731
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2Fga76NotdAI%2Bmx7jG042lHcTJnciAL1F80D9fzzZhn8rAxBwfSqjxTVZp1KOkLr0%2FiUmzRx%2BG2gPfYvLmczh4O%2FBnUAPMiA%2BQyXYLlqACCHNfrgY5dm1xQG%2FTAJolhxKezza3M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
8143d8dcfc833a92-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 10 Oct 2023 16:30:25 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame FF4A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Redirect headers

date
Wed, 11 Oct 2023 02:59:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F386 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 02:59:26 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B722 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssqFR3ibhzIFQYxH90fDYR8Wa7X76JzprEKE_jJ6SvRXPPQ8rbLNHML9Lv-p9Pjb0sqMIzhd3s8ffODAmJtOlSpzNj6l-MsKZc_aUWms7W0BDvEK-OOF-sLIO8axkCBOxLxg6osx5HeenjQNzP8-3PXJFsA6PUFXOfKAQOSf-7sOL20xn1u487T7O_aAw4by_DPmr1LEo2yCrwqXL0uxm3QkMTmb8zF-rD2sgxxQLKHaDAfsQU2xsy1sDmvotpoVSaAdaCWX30o0jKnegZqHNMN-4E-Gzfe7z2JOmM7wp4Cv33FQjuLFkbVRpKUJkI6rjIG7uh4-kPJJ-39gtftabvbujEyWH4PXGvnqkY72nup3YD_cFqv6yygxnOrLjycB2GaZKZyArI9glGdQ2wke9AIDwT1RXVhmfp01Fr_VrCTda5UyFsNz99WgybFkJSEfM1CE8AxuJ8zqWdJXsmByamjtDblH9VXn-oXngU34hDYB5xEfbnVWzKQcKHZgT_Cm34FG-Y4C9M3u3g7eLf_oaBuzkSoGHYW84KUiCiAycRlQAjFoQXK1OmICsZrrTmtxvaM78XQUEWGM1dfGrpjbT_XL0qOqpkSYnkvQDrtGSb-28Z3XATyGmcXsAZZRw2rRX9cFzgHE6dW0DF8M0hinw-p7AkcHbr0iR2mNnW_5_NIfLen11UTJI13WHT09ggky3GWnninOqXCPUli-zG6Cj506h9gSPMGQrTT-Obi_AwAQqN_jQ6dtmbyo3c3f0Dk5rC1y50ZZc8abwkL0kPNdMPt-GJZEieZu3EJ62ZdabQQBtgq4YU2R6Z_9QqC0P1w8OXMhm9IdbFh45AoKP3iBvBgf9UM9zu16gR_zzxMb5IWNLI4dDX0Gntqfkz2Gzb21SylHTNP0nbHq3K5SZtTvxw05kihzff0ymYcGJ--LZ_f4MGAtXxc60Z9QUJ2gBgSTI2p2Cy0flw06Ph7fWV8ILvT5kPrj13Jl-HHTsQlvHlFsb2WlFA1xgoQkCdAa9j7oRq3ldrv6zbHE4lssVFJ_WpC95yn5WJELPV5PAHxJmRFUI7-piWT3PabKG5BEqrz3oWwNEMn7xpHgDSBgGf-kkucZL4kZ2Rl687MMVBGqp6miB037ia3RxeLHKoBYiOKD9mKnnj-CSfXSK_h7rfBR0PDByGmn0Hr26t9I0gj_RIYRMRYM2iGjJsASyOnikkyjyT5xck9VcgpUgQ4gl6AnmlffKJAAE0gRbEbmo7X3pws3T9IA4c1wLK36avyt2U6G6fG-vAZiUcJm38Caycb7GTKYczxavaZu8Oxd6_OKngcAyAer8inYsCPWSe0-3k5T4LYDXAHUXGb6C9hBTSFTuLPYQ&sai=AMfl-YQnAfXwcQQGvsRzAthx8laKITC3LQlfHQBUlKA8U-9PHTSkdapl1jdKag2buGGtnXHnrB6Nj2bcm7-dHxEQVHHf8N9hvFYzswoqw7YfVIGmwoGj4EG0SZF88Y-MWn2qwI93PcaiHfoKf7p3ACA1CHOPk6qybpzq4Mg829YsNrsi0IQ58OjWoVqlRdL5PoCjkG8Gb9pUZt4L70IvXBoL7QkYGcuCrVpMLY_7RpEEVOk71bAcvtP4EQ7FGM4BCxf29ggJtes&sig=Cg0ArKJSzGdqi_EEO5tQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=947&vt=11&dtpt=754&dett=3&cstd=165&cisv=r20231004.71529&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ypalocation.js
brain.adbot.tw/ 		81 B
410 B 		Script
General
Check archive.org
Download Go to
Full URL
https://brain.adbot.tw/ypalocation.js
Requested by
Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/bootstrap.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.137.103 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.137.199.104.bc.googleusercontent.com
Software
/
Resource Hash
e2ffa6968df6f9efd5fd5d7243e265f2db2facd35b49fa3ebdae818820d52758

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
public
Date
Wed, 11 Oct 2023 02:59:27 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=3600, public
Connection
keep-alive
Expires
Wed, 11 Oct 2023 03:59:27 GMT
icon
fonts.googleapis.com/ 		569 B
366 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/bootstrap.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 11 Oct 2023 02:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 02:59:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 Oct 2023 02:59:26 GMT
ypakeywords.js
brain.adbot.tw/ 		3 KB
1005 B 		Script
General
Check archive.org
Download Go to
Full URL
https://brain.adbot.tw/ypakeywords.js?_=1696993166308
Requested by
Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.137.103 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.137.199.104.bc.googleusercontent.com
Software
/
Resource Hash
0686aef685b6f3861f227590f0a5d4409023bd6e29bfb57f626175c7473140e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 02:59:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
js.cookie.min.js
brain.adbot.tw/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://brain.adbot.tw/js/js.cookie.min.js?_=1696993166309
Requested by
Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.137.103 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.137.199.104.bc.googleusercontent.com
Software
/
Resource Hash
b9e902238705b06b640bb8fcbaf78e930e7151e73993f135070e62c06ecddd2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 02:59:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Mar 2018 10:23:43 GMT
ETag
W/"5a9d1aaf-778"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Fri, 10 Nov 2023 02:59:27 GMT
md5.min.js
brain.adbot.tw/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://brain.adbot.tw/js/md5.min.js?_=1696993166310
Requested by
Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.137.103 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.137.199.104.bc.googleusercontent.com
Software
/
Resource Hash
4b968dd9042b119b4c62bb90938d7cc8aaaa841f12e8060fa9198b6730a07e6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 02:59:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Feb 2018 01:03:27 GMT
ETag
W/"5a94ae5f-fe6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Fri, 10 Nov 2023 02:59:27 GMT
data.min.js
brain.adbot.tw/js/ 		1 KB
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://brain.adbot.tw/js/data.min.js?_=1696993166311
Requested by
Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.137.103 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.137.199.104.bc.googleusercontent.com
Software
/
Resource Hash
db15da32296382af4df5523c292893a2f403e7788ff761c45a675334abcf572a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 02:59:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Jan 2017 09:55:12 GMT
ETag
W/"58760100-410"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
keep-alive
Expires
Wed, 11 Oct 2023 03:59:27 GMT
func.min.js
cell.adbottw.net/js/ 		66 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cell.adbottw.net/js/func.min.js?_=1696993166312
Requested by
Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
883305a308a696d24084a1eb21151efb3ad5604eb56b1774151f986a6ec2a4d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 21 May 2020 08:54:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5ec641b3-108d1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BfenSfdspqgWPxRonJNfppCSxkBbPKeZu7QzBxca4o%2BBi8f4Fix%2BhL7JMQfTrAVDU3xByMbP33alBiLXIH7RtqqmGdj0DXnIs%2B9QaZfLsnJWlY42rzn9%2F1%2BBaJIs05ilZqfAywTezWeUU1F3p%2F7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8143d8dd9d26916b-FRA
alt-svc
h3=":443"; ma=86400
lineads.min.js
brain.adbot.tw/js/ 		222 B
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://brain.adbot.tw/js/lineads.min.js?_=1696993166313
Requested by
Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.137.103 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.137.199.104.bc.googleusercontent.com
Software
/
Resource Hash
ce199809cce8c12d848eecc371b6d8546304e052d2009766dded8f6dc55206ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 02:59:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 May 2017 02:22:20 GMT
ETag
W/"590a905c-de"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
keep-alive
Expires
Wed, 11 Oct 2023 03:59:27 GMT
adskeyword
gene.breaktime.com.tw/v1/ 		450 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gene.breaktime.com.tw/v1/adskeyword?url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&callback=_pi_adbot_bootstrap.init_gene_keywords&_=1696993166314
Requested by
Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfa21e69bc991607e67a924a205a0e2d559fc438c712bab0ee196322c096244a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:27 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVYzSBKEJaAbhhYRFP96T1qsmGIOV9TUfbANiwT9n5E0g9ukYU4tnHRbquses64oigNH71TB%2BBBTN62x03SxTjLqSNsGszFXFP9vegkxulGo3QgJlnNyZiw1Y3ydryk3p8EN5up2rCZniI8g99aHbvasghM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=0, max-age=0
cf-ray
8143d8de4c9a37f5-FRA
alt-svc
h3=":443"; ma=86400
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3544
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOJ4LqmltFSLPChHe-uxV80&google_cver=1&google_push=AXcoOmSd4l5KWG9D_eZ0f44h5FJvtblVJHomsJRTyGLQ6MDbYs7uWPh2HZDIlIS37ngwimZaPgLbmjG-3Khn4s59UwwbboRYSvA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzA1ODQzNDM5NTczNTczNjMwMg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOJ4LqmltFSLPChHe-uxV80&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOJ4LqmltFSLPChHe-uxV80&google_cver=1
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOJ4LqmltFSLPChHe-uxV80&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 3544 		43 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEFbzWCMIqe52-3lNrE3lQxU&google_cver=1&google_push=AXcoOmRlcTuQ3P6oTn-ZvQvJxXMIpB9cRiRdR7OTncNeOJ4tG-0n0XRzQ9DWYNmo3jNvfV7ZBY2i2RjtpXNTiXWo_QiJkstNvTA1&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRlcTuQ3P6oTn-ZvQvJxXMIpB9cRiRdR7OTncNeOJ4tG-0n0XRzQ9DWYNmo3jNvfV7ZBY2i2RjtpXNTiXWo_QiJkstNvTA1%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:27 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8143d8ddac4e9bc4-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 3544 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEF7-5PD-7lRSv1HT9cJF2Ck&google_cver=1&google_push=AXcoOmS8wRWi8GWDFx-6wpQr7IGqB8XuSnN4qKUWHdlKBnAsRrdG_-fb2tcFcC-xD5xfrbnECRdnDHBf4rtsSacQra78nHYhIZU
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
server
Kestrel
content-length
70
content-type
image/gif
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 3544 		0
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECbdOmWo_4U3ZHlQqzedoO0&google_cver=1&google_push=AXcoOmQegBNa7ub8k4V0FqARA9FaxHxrBPGOxHGvDrPkV3vTyYIc4Nt4xR4gJ_riDE0yWD7EselDyzHVjHGi85UfLxbNF-pa6ief
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 3544
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ7-3...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-dVwyAasaLT_ndxHHUMBKrYEN1U0xXhB64U79Ng&google_push=AXcoOmQ7-3e2DRdwGIXAiKdzD8vQCn3Xn15B4NjqWOOna-un98GmFBM-qMmYv-XJuTbHI0ksFHGsLfDQOD8_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-dVwyAasaLT_ndxHHUMBKrYEN1U0xXhB64U79Ng&google_push=AXcoOmQ7-3e2DRdwGIXAiKdzD8vQCn3Xn15B4NjqWOOna-un98GmFBM-qMmYv-XJuTbHI0ksFHGsLfDQOD8_WugaFCfYjR-lo_w
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:26 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-dVwyAasaLT_ndxHHUMBKrYEN1U0xXhB64U79Ng&google_push=AXcoOmQ7-3e2DRdwGIXAiKdzD8vQCn3Xn15B4NjqWOOna-un98GmFBM-qMmYv-XJuTbHI0ksFHGsLfDQOD8_WugaFCfYjR-lo_w
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
602949
content-length
0
expires
Wed, 11 Oct 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3544
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDTH9AwyIfpd1k7NVtA29Ig&google_cver=1&google_push=AXcoOmS_mRQdSsWwNt5JXoZZc9YL0joxokZvnxqMuHz1X1u8K4LnDVaxbcAGdh0NAAJlrS8xoIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5MNVdaWk0tSS0yMDJS&google_push=AXcoOmS_mRQdSsWwNt5JXoZZc9YL0joxokZvnxqMuHz1X1u8K4LnDVaxbcAGdh0NAAJlrS8xoInHAnggzUAIgQwIvo3UzOL-6Juk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5MNVdaWk0tSS0yMDJS&google_push=AXcoOmS_mRQdSsWwNt5JXoZZc9YL0joxokZvnxqMuHz1X1u8K4LnDVaxbcAGdh0NAAJlrS8xoInHAnggzUAIgQwIvo3UzOL-6Juk
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5MNVdaWk0tSS0yMDJS&google_push=AXcoOmS_mRQdSsWwNt5JXoZZc9YL0joxokZvnxqMuHz1X1u8K4LnDVaxbcAGdh0NAAJlrS8xoInHAnggzUAIgQwIvo3UzOL-6Juk
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
-
s.ad.smaato.net/c/n/// Frame 3544 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELDIPLq9IsnXGkPVX5VTLHs&google_cver=1&google_push=AXcoOmQ4oeQxT7w2miR1RpPhBXa4Bng9_50QFIZDvznC_feB0LDEvPzle3hh1gbL55y6Bv2k8iBaZd1NkSQ13VbSvtGZeZ8SMFiQ
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:27 GMT
cache-control
no-cache, must-revalidate
via
1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
qV8Dq6T-ImhlfR6JZTfL84xWySf8i_3lZ05ac7qXz5BJJkUY_eEMvA==
x-cache
Miss from cloudfront
attr
cm.g.doubleclick.net/pixel/ Frame 3544 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IkiKyrmBucw-gU46r2KxZ8M0g6YZW1PidSLdS-T4hv1iu4n4kgzq-aQ9Wx_NSle9ThFksZ
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD5E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3073541142486&version=m202309260101&ct=76&x=1&cor=7616556678025786000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame DAC4 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fea82407f6fe167b20f2d2cb8df981e502efb4006c12ade520706ee106227e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
508272-01.png--wid=2000-fmt=png-alpha_1696935783898_508272-01.png
s0.2mdn.net/dynamic/2/11066624/dyson-h.assetsadobe2.com/is/image/content/dam/dyson/images/products/primary/ Frame F386 		199 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11066624/dyson-h.assetsadobe2.com/is/image/content/dam/dyson/images/products/primary/508272-01.png--wid=2000-fmt=png-alpha_1696935783898_508272-01.png
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d2358b722628a6bee49b6b0c16933ca02a310bd2e29aabf0c33a874cdf350f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 12:23:12 GMT
x-content-type-options
nosniff
age
52575
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
203807
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 11:04:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Oct 2024 12:23:12 GMT
60001657_20221026100545403_dys_gene_de_icon_moneyback_euro.png
s0.2mdn.net/ads/richmedia/studio/60001657/ Frame F386 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60001657/60001657_20221026100545403_dys_gene_de_icon_moneyback_euro.png
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23695b7a3c6321be4eba15114165127101c524aed6d75ad8c15d0b3bdfaffb32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 07:36:39 GMT
x-content-type-options
nosniff
age
69768
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18602
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 17:05:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 07:36:39 GMT
DysonBlack.png
s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/ Frame F386 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/DysonBlack.png
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28082b789e96ff1f1eabcbb5f7821980740883585a91a40848f1879d616e993a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=FGAKMdIEAk&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 05:52:36 GMT
x-content-type-options
nosniff
age
335211
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7430
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 10:32:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 05:52:36 GMT
DysonFutura-Book.woff2
s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/ Frame F386 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/DysonFutura-Book.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/adStyle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
852cafe3bc46d907eb9f6e99e59f57414d3e1ead6a0b7d068d24c1d476313411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/adStyle.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 07:39:58 GMT
x-content-type-options
nosniff
age
501569
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31984
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 10:32:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Oct 2024 07:39:58 GMT
DysonFutura-Medium.woff2
s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/ Frame F386 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/DysonFutura-Medium.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/adStyle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01b53b891f4bb2098d700fc629056d47d3628ecfe3e5707bd6ac327aa9c77bd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5850201072315924480/970x250-Dyson_AO_BF_Remarketing/adStyle.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 13:32:31 GMT
x-content-type-options
nosniff
age
307616
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31196
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 10:32:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 13:32:31 GMT
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 453A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 19:47:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
25892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Oct 2024 19:47:55 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 97E4 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2563
x-guploader-uploadid
ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXYBDVPk2H3Q63v8gNt97Ufu4UN3XAka6WSRp2cf8p%2F3eRv8pqqYvhr2KAL%2BYhmOx%2B29h0RaTFjjAKx9vJ4mWjXN8HC4%2FG6geZiDgbq6rywiN31W2TuDpXZDgIA62XRPvB3Cp4ajrhT%2FmLD48bL%2F0Gf0"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
8143d8df18591979-FRA
expires
Wed, 11 Oct 2023 02:24:17 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame FF4A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=COv8RjQ8mZa7xG9OejuwP9aq80A68hrCjc7DIidmkELCQHxABILWx3GVglcKmgrAHoAH34pu0KMgBAuACAKgDAcgDCKoEjgJP0KD24zCLnv1vn-tp15HEb5GE1C01za_0mBvUywyHiLN7A9qMurVqxLJu59V1UWinqZRjadsx3xbhKwEBQmD9fbGbrDGWrg81NBpxGoM9IhGyklzaeVjYZKjUYqFKtMvYIHbtzdXqTUclSPV9b8uwzuTXHzncC6HU1QrIXaI2dNE3wtoPtBqlHSBdPGutqUDKVwAJ4eHWs-lz8cDtnA1ns-RHvFSJEsvmFRhX5hwqpUUYn5G13BDYYLl1dlGWC5YlxpL98QTb3TvC0HZ2Vlhwz4pBgbdnhXluLIwXOnFx-QdolzBrEI7rAidvtthiHJ1jg0kR3_RKz4Rg6H6SD4UjYDtT4fTkavWm5jxTAM7ABPCi3qmiBOAEAYgFnc2AjkSSBQQIBBgBkgUECAUYBKAGAoAH95rskwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDMwCrSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NTYwMjc3MTkwNzEzNDcwmgk9aHR0cHM6Ly9mcmVlLndlYmNvbXBhbmlvbi5jb20vbWluaW1lL2RlLz9jYW1wYWlnbj0xODI4Mjk4MTAyMYAKA8gLAeINEwjc9JSWgO2BAxVTj4MHHXUVD-rYEw3QFQGAFwGyFx4KHAgAEhRwdWItNTAzNDEzNzI2NDUwNDYzNhj2lGw&sigh=EpIgv2rs3aw&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaN42WMKEG2_L9kesXfZd6xBc9jnYy22CPKCj3kekPuZlFZc4DwMQcZl8MG_97T0z87qBoDqC3c3RgB&cbvp=2
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
frame.html
ad4m.at/ Frame 9D2D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1000651
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
8143d8df8deb3a92-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 11 Oct 2023 02:59:27 GMT
expires
Sat, 09 Sep 2023 00:14:58 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxBK%2FNq5uRMpElAlwTbaSauvKf2zY6JR%2F7LBAEW4mbX5ntpUGThNPBOTIFddhWrq8JSs4kDagFxVymynK0S401gXAmKN2SQWoSw47bj7GzUcYuTGVMy93SE7dqLkUiGFbOjaG9c%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
dt
dt.adsafeprotected.com/ Frame B722 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1291251&asId=e3b0a2d4-5799-3433-78a0-37ac6b6a10b7&tv=%7Bc:qHJ1Gy,pingTime:-10,time:974,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xNDkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696993167321%7C%7C6273c7a56d6108e97513c6386869e405%7C%7C8e5269e98501ac65ff2ab303e742fcb1%7C%7C16da134fcfba598f39e902bdf5dd165c%7C%7C4982ccf23691d53605aa9d1f5d3c2141%7C%7Cd818a7910d13b15cd898d7ec604f680c%7C%7C7be259ccf160cb9702e3377a62982662%7C%7Cc88cdb81bceb9126b941a35ad24ad7ea%7C%7C1663701684,im:%7Bpci:%7Btdr:550%7D%7D%7D
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:a723:103f:3bdb:6540 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:27 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
adview
securepubads.g.doubleclick.net/pagead/ Frame DAC4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CB_K9jg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT4AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkgJ9ljI7pG7KRgEnp4qMtHgeRITDUX-B0EpLolft5a_mM9iJad1C4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzCACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzk2ODE0NjUyNTU5Nzk3Nhj2lGw&sigh=6-35iJI_Af4&uach_m=[UACH]&cid=CAQSPADICaaNfMsq-krQivCrzyDEiRhsxQBFv2UqMfFzRmyag6PAh4q4e1vR1nSfojy9XtZBEG5vQmBkZkxEaBgB&cbvp=2&vis=1
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame DAC4 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jykejxjxk477x0fzjrb8jkt5c1rwzp1k8k4eqx13cn4r41zgqgsq3gwe2sdkwp04h8d2ngt52d66dy43564pp0zp5d6nbv3rsej1j6cmjsv0kdxx5kvx389z707cqs22cza30vqawbtzrbra1bfe7540ejnks3592kgsw35rgbq05ffnmf95ftcb0gmh5p3qz8fjttdss2j1ex18wg4b5cg2q4r6my8bka94jvw66ckpn1eae9ny2g4w6dv65cvg04f1zvet864a1we243wdyxwk7rsp9nnck7y1q7pbfj91hb391fakj1mt56gbp6ykt7wkm11nxe8nxyphtr5epwdfj4tcw4hjtqgpf4z7ry0kvj4p12nv8vb3ma7qwbcv171p4fpem2jdbtk&b=ZSYPjgAB_GoKd_v1AAyLCkrS69ty6_4e9gxj7w&cbvp=2
Requested by
Host: 88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
URL: https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 11 Oct 2023 02:59:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame C694 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEjoQjQ8mZbaeNNjCx_AP5dKDmA4AAAAAOAHgBAI&bg=!NTalNnnNAAYMG8UMLBs7ADQBe5WfOCVMVpP_rR6Ti2493pyqX0L6DhJw7kLIWjzK6G6CzG6eljotE_OGscJc3bJAeYNKAgAAA4VSAAAACmgBB5kC-z0tiEyG_BWFEcLPLQ0WFt8Twv8fuoXW3lpEWoutwmLq95feK_LRbA_nSL6SLv6SDJuhCXWWtbSTwsAalhyVfpYQNRBrBn2jlSCGhTs2vLEBemB7ZP1NOWLrmlC_DdjLBXP-Qh4gNk8zck32SH4ZUbGD8V70He1BcG9h27ziincrzLVqR5LMsTUy7CSoHm9HKt_jtTgf_0oWwVpjIDWTkmcbR1dW0UxGvLdZxZ_wYmmsHWfx8KR2V_zqmZVMCkYqzGnE6TwJpEETpXFl9fwbWGmv9CXFeCpDARyjsMBRrDipPt35R29j40RCSraBxgXnhoMQQWX-20PhQKv6INQNuvHpnv98cjwg-a7rY46iLGzcxhAi-PFgiRAJU6VOQrE1G_FAavjqy-U0xwmC9JnJqQwmiVlTWvMxxUs7X3pe5_xtof06GQoEB_uUrGtaMBLj2ORv1v5spUyQX0B-CtCwFojaKcOjkLehsmqJw-Y_h-PGPvtO3ptuJlvKKMc4fYZI-9gTwVQW29btTl86A0CYZTek-XohHmm34liJjP0rlmAdpzfultLxn3Uqy0AsH9pw70VDztVuplW9ZoslyMNkUgRX8HGHtMx1P1DoZKFYwBKLysism85rzChLt4NsOJX6senos_AbHRIbMVYDznS9pFao6MkmLq7lsMcHy6CJn2LGRNZI5OusbkQT14voC3lEyttoLBl_HmwZDyf3JpVh5wJ8y1ZeKY90mGdOZdPpplZVJf1-7BLDmPTlFSRTyN8Oi7CL7y-34ybcOiBqoX6O7f57wkJRJkMf3q6DH_d7BfeEYCQK4vJDK5TUDqtlwKtx3CaGyJDVhoAdZFFPRutrVAsU3JdjX0rZ-xYRact4hfOs3ycmn6VHh6w32QsWidaXkIje9L1XD_1g8kjmtxdWYvEL90wxQbl7EX4sts--Dckqp2RYxAI_tsVAJUmakBOJ1bKNy26gk7o_Fog8TsKfNhUCGL6u63LYHunncqgPdg8ymoz9eigeKXE0PFs
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame 97E4 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cb8f074eb7ba1005c015814cb04be288fc301f45b4b6cabd9e281c36cfbc5b3

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 11 Oct 2023 02:59:27 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWtmMjRp817OYiTj2gEvEOrzux6N%2Fb1VrcuAJ2ZyJMZ%2F8O%2FgYe1ZQG1zly1JzdcZcTGI3I1QwycEayjl6QtLxcO40NLWjzzFotZokm91eMnpYjlhyRPHjGzdGetoLXjLBcl395A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
8143d8e1afd635e6-FRA
x-backend-server
aa-reachservice-group-europe-west1-0hk6
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8143d8e14fb535e6-FRA
content-length
24
content-type
text/plain
date
Wed, 11 Oct 2023 02:59:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ip7gYRUv6Up5WgrLG6XlpVHQGygbDibkFuePnBlKZdISTYOXqoy8gTVTJY5Hioix7qmtKupAdjDFuWJ5qou6ZRJb7VBbc6PUknTJDReiyoat2hSTNIRixvE3jIwNLHgYEVp7asI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-0hk6
rar
as.ad4m.at/ad/ Frame 6F77 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197862%2C117569%2C183975&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=300&d=250&e=&g=3c91070b0242c757c02eeac75cf1ad1e%2F10874526469593299201&i=71725%2C29981%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993167635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hy6q8k66h854hhz8mpz84ed79zgzracg8mgbb9kqmgan3s4ay040qmgxwz47y47qcsv44c2cjctvaw746yt4k2kqb12zrx8mnq055y4rm1jbn6bt8zppq9ps6045trermzpfeqd6x9k51p6wcmj963rrrbz6n5r97zrdba9pqtgp9df7k03ke2c8e10qghj8pdcywxd1x9bq88drmckx24e00rz8cx9m86txwnyn2tjyggmbk6xdpzc5aa9jvkbtcbn61tw7kj7q4dngj9gmdwjxg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e358ad85780c17171c5f79e92e9236c7423f02aafd24ef187d0380992df2adbc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kmt80fe61y6h3scfhn23wytzrq9e6v0wh88187em5ccjazs0sz6552xtkhxfcpxpctafd8j6reg7p4scew9ps23ybkd8hfssm8f5a3et0mws1wb700wa0hx97c0c0fsqq9w8b60qhp5czz88g43mmb4vb7esc42pyh2jm2fn8mjzeshgxbtgj0kyatmcsmhkcfc1bg51a2qysbedxa0p82k0tjk3m86wsq5jkht670gnmytwf9kssh7d4xd6tn6d6jcaebx0varq0w3rnzkz7pj3gwt6pvp1rjmgv9s2jaj1ycynwaeepr1y09ky5e8b8r59mbb5t5hs176vjny7bahjf6cnyfv9xm7tfrzzadnfwv1xx0c8spbnmcg19s7g2yef0vsdrzyvt2qe5e4kx1gm6ftjgd6fatf54mpw87ncr06y87tefpvbvy8cj51x10fd7fekeb0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%26client%3Dca-pub-7968146525597976%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8143d8e21f373a92-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:27 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 6F77 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C183975&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=300&d=250&e=&g=3c91070b0242c757c02eeac75cf1ad1e%2F10874526469593299201&i=71725%2C29981%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993167635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hy6q8k66h854hhz8mpz84ed79zgzracg8mgbb9kqmgan3s4ay040qmgxwz47y47qcsv44c2cjctvaw746yt4k2kqb12zrx8mnq055y4rm1jbn6bt8zppq9ps6045trermzpfeqd6x9k51p6wcmj963rrrbz6n5r97zrdba9pqtgp9df7k03ke2c8e10qghj8pdcywxd1x9bq88drmckx24e00rz8cx9m86txwnyn2tjyggmbk6xdpzc5aa9jvkbtcbn61tw7kj7q4dngj9gmdwjxg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862%2C117569%2C183975&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=300&d=250&e=&g=3c91070b0242c757c02eeac75cf1ad1e%2F10874526469593299201&i=71725%2C29981%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993167635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hy6q8k66h854hhz8mpz84ed79zgzracg8mgbb9kqmgan3s4ay040qmgxwz47y47qcsv44c2cjctvaw746yt4k2kqb12zrx8mnq055y4rm1jbn6bt8zppq9ps6045trermzpfeqd6x9k51p6wcmj963rrrbz6n5r97zrdba9pqtgp9df7k03ke2c8e10qghj8pdcywxd1x9bq88drmckx24e00rz8cx9m86txwnyn2tjyggmbk6xdpzc5aa9jvkbtcbn61tw7kj7q4dngj9gmdwjxg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1694166205
age
407372
cf-polished
origSize=118430
x-guploader-uploadid
ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Sep 2023 09:43:56 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
x-goog-generation
1694166236174866
content-type
text/css
x-goog-hash
crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnxLD27nlckjC2%2ByDaV%2F%2FzoxSC2sSpE9T%2F4ZUgc4yqqDzUM%2FkNGQ9S9b2kIsEajnEVT4vn2PUKBznKBqH9dV2yz%2FxPFgH5EfyU036Th%2BghxQcWqIhN2oHhSWqh5vZ%2FwbsSQgeGslmKw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
118430
cf-ray
8143d8e28f753a92-FRA
expires
Wed, 11 Oct 2023 03:59:27 GMT
AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame 6F77 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C183975&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=300&d=250&e=&g=3c91070b0242c757c02eeac75cf1ad1e%2F10874526469593299201&i=71725%2C29981%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993167635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hy6q8k66h854hhz8mpz84ed79zgzracg8mgbb9kqmgan3s4ay040qmgxwz47y47qcsv44c2cjctvaw746yt4k2kqb12zrx8mnq055y4rm1jbn6bt8zppq9ps6045trermzpfeqd6x9k51p6wcmj963rrrbz6n5r97zrdba9pqtgp9df7k03ke2c8e10qghj8pdcywxd1x9bq88drmckx24e00rz8cx9m86txwnyn2tjyggmbk6xdpzc5aa9jvkbtcbn61tw7kj7q4dngj9gmdwjxg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
950872
cf-polished
origFmt=png, origSize=60352
alt-svc
h3=":443"; ma=86400
content-length
32982
cf-bgj
imgq:85,h2pri
last-modified
Fri, 28 Jul 2023 11:40:29 GMT
server
cloudflare
etag
"0c5d451d92738dcd96474c734dc5b7c8"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmNEEk50%2Fz1BAWZr9XqZ%2Br2%2FieiVFQtbnc%2BXZ5cS9zBbjOTn%2FtyEzjfd%2F6EavV3yDxSD0EdcB0FB4m6pzwdLJ6G9OI8Bk%2Fqe0CgFbIph%2FKRJR4N6l4YDU0LQESAM08Vf7Xor4Wo507PsUv%2FB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8143d8e28f763a92-FRA
expires
Thu, 12 Oct 2023 02:59:27 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 6F77 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C183975&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=300&d=250&e=&g=3c91070b0242c757c02eeac75cf1ad1e%2F10874526469593299201&i=71725%2C29981%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993167635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hy6q8k66h854hhz8mpz84ed79zgzracg8mgbb9kqmgan3s4ay040qmgxwz47y47qcsv44c2cjctvaw746yt4k2kqb12zrx8mnq055y4rm1jbn6bt8zppq9ps6045trermzpfeqd6x9k51p6wcmj963rrrbz6n5r97zrdba9pqtgp9df7k03ke2c8e10qghj8pdcywxd1x9bq88drmckx24e00rz8cx9m86txwnyn2tjyggmbk6xdpzc5aa9jvkbtcbn61tw7kj7q4dngj9gmdwjxg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
343968
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400
content-length
55786
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBIt%2BjF3MdfQ5Fhw8OcTZ%2B7UgIx2n0TA4hrb74Z6RyiXPvCY%2BrlRAaBz0FPFHfIsFQDbC5CuRHGnHrg3btzE8PtPmlplaBSVXKp66KeapGPt7MYCNqxZKymzDRKzeU%2BDm1OLNrG06e2UxM6g"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8143d8e28f783a92-FRA
expires
Thu, 12 Oct 2023 02:59:27 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 6F77 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C183975&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=300&d=250&e=&g=3c91070b0242c757c02eeac75cf1ad1e%2F10874526469593299201&i=71725%2C29981%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993167635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hy6q8k66h854hhz8mpz84ed79zgzracg8mgbb9kqmgan3s4ay040qmgxwz47y47qcsv44c2cjctvaw746yt4k2kqb12zrx8mnq055y4rm1jbn6bt8zppq9ps6045trermzpfeqd6x9k51p6wcmj963rrrbz6n5r97zrdba9pqtgp9df7k03ke2c8e10qghj8pdcywxd1x9bq88drmckx24e00rz8cx9m86txwnyn2tjyggmbk6xdpzc5aa9jvkbtcbn61tw7kj7q4dngj9gmdwjxg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55fc10baa9c6fa8d98acac31beba1be0e8f688344f243dea838b5b03e8566a3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
960924
cf-polished
origSize=9357, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
4429
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8b5eYQr9BM0cpuMez7vu7lbvAV%2FsBGhgKwmd0V3DY3lNTXZDtst%2B%2BkIyPkcD4zwlQFPHtTeX6UI3lXTr7fnHdAbELbo8GZc%2FBaPcNHH9qdokfQ1y%2Ferw8CZsCie3krs48RUXN2VWoqANynE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8143d8e28f793a92-FRA
expires
Thu, 12 Oct 2023 02:59:27 GMT
B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 6F77 		253 KB
254 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C183975&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=300&d=250&e=&g=3c91070b0242c757c02eeac75cf1ad1e%2F10874526469593299201&i=71725%2C29981%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993167635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hy6q8k66h854hhz8mpz84ed79zgzracg8mgbb9kqmgan3s4ay040qmgxwz47y47qcsv44c2cjctvaw746yt4k2kqb12zrx8mnq055y4rm1jbn6bt8zppq9ps6045trermzpfeqd6x9k51p6wcmj963rrrbz6n5r97zrdba9pqtgp9df7k03ke2c8e10qghj8pdcywxd1x9bq88drmckx24e00rz8cx9m86txwnyn2tjyggmbk6xdpzc5aa9jvkbtcbn61tw7kj7q4dngj9gmdwjxg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1977553
cf-polished
origFmt=png, origSize=431531
alt-svc
h3=":443"; ma=86400
content-length
259252
cf-bgj
imgq:85,h2pri
last-modified
Fri, 16 Jun 2023 10:20:07 GMT
server
cloudflare
etag
"16f7fe8ce7119ba0f513f8179ecb2d3a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPvHbDcQnI9FcE%2FmQOro3cFWixi3Ozysbcz1cT3j2y8FnOZmfFSRV6wUOR5hGVfpmPF6dnuhu8STfkm7idfjck4GTU9zDsY81T%2FFhyJ52whdABp7qXDqC1LEuWY%2BYmSpPBlg15Joufst6bdd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8143d8e28f7a3a92-FRA
expires
Thu, 12 Oct 2023 02:59:27 GMT
cshow.php
www.awin1.com/ Frame 6F77 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C183975&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=300&d=250&e=&g=3c91070b0242c757c02eeac75cf1ad1e%2F10874526469593299201&i=71725%2C29981%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993167635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hy6q8k66h854hhz8mpz84ed79zgzracg8mgbb9kqmgan3s4ay040qmgxwz47y47qcsv44c2cjctvaw746yt4k2kqb12zrx8mnq055y4rm1jbn6bt8zppq9ps6045trermzpfeqd6x9k51p6wcmj963rrrbz6n5r97zrdba9pqtgp9df7k03ke2c8e10qghj8pdcywxd1x9bq88drmckx24e00rz8cx9m86txwnyn2tjyggmbk6xdpzc5aa9jvkbtcbn61tw7kj7q4dngj9gmdwjxg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-218-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Oct 2023 02:59:27 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
assets.ad4m.at/logo/ Frame 6F77 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C183975&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=300&d=250&e=&g=3c91070b0242c757c02eeac75cf1ad1e%2F10874526469593299201&i=71725%2C29981%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993167635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hy6q8k66h854hhz8mpz84ed79zgzracg8mgbb9kqmgan3s4ay040qmgxwz47y47qcsv44c2cjctvaw746yt4k2kqb12zrx8mnq055y4rm1jbn6bt8zppq9ps6045trermzpfeqd6x9k51p6wcmj963rrrbz6n5r97zrdba9pqtgp9df7k03ke2c8e10qghj8pdcywxd1x9bq88drmckx24e00rz8cx9m86txwnyn2tjyggmbk6xdpzc5aa9jvkbtcbn61tw7kj7q4dngj9gmdwjxg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1647264
cf-polished
origFmt=png, origSize=16618
alt-svc
h3=":443"; ma=86400
content-length
9924
cf-bgj
imgq:85,h2pri
last-modified
Mon, 21 Aug 2023 20:22:01 GMT
server
cloudflare
etag
"4cd9dc474d501ed5668738ba6819e1e6"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUUnioMq79W8WL%2BaXPkgB%2BPdF%2FwpSYNXQ4lR5eCT%2FPBXzQH5JSQDG5aOhLjPs1dFNlaj3qWww06j8042lboFA4%2BoFC7iZa5xIVZ2Fe2szgaOXpGpSzpYhMWU2sRGH5N2CxiTbqVCBOGCb6bX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8143d8e28f7b3a92-FRA
expires
Thu, 12 Oct 2023 02:59:27 GMT
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 6F77 		637 KB
637 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C183975&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=300&d=250&e=&g=3c91070b0242c757c02eeac75cf1ad1e%2F10874526469593299201&i=71725%2C29981%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993167635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hy6q8k66h854hhz8mpz84ed79zgzracg8mgbb9kqmgan3s4ay040qmgxwz47y47qcsv44c2cjctvaw746yt4k2kqb12zrx8mnq055y4rm1jbn6bt8zppq9ps6045trermzpfeqd6x9k51p6wcmj963rrrbz6n5r97zrdba9pqtgp9df7k03ke2c8e10qghj8pdcywxd1x9bq88drmckx24e00rz8cx9m86txwnyn2tjyggmbk6xdpzc5aa9jvkbtcbn61tw7kj7q4dngj9gmdwjxg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
131459
cf-polished
origSize=731561, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
651990
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AA1RYxYS%2BedA7ar8abGfgtBNTyCjHI%2FglF%2Bsl3oEG%2BkTEPvY6ckhPTKuQ3wWOWNpPWVM0hzOkC3tu3z33FDkupEjRrWEDXwxH14rTEr2yx3Ve5bQKEcL%2FaTqBgaQQ3u3zhpXxc%2FeWLxlroBn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8143d8e28f7c3a92-FRA
expires
Thu, 12 Oct 2023 02:59:27 GMT
link.html
track.webgains.com/ Frame 6F77 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gkwzrn122nqjkkpsj155kya9qbb6022ye4twbjzdm344yvn7ndqnpn4z5b6z7c37exef1dnzfqxdgx1yzc68ts4ezzbgmehyzgen7evdce9jgs1e2eq0qg7ga5nyhv214eq0asyje7yh3h5pp9avq4xt87bf1q83vnmz6xkhxgwd6tc817rpktspq9r13dayjgf2d7vgwxq2ebynahtpcbez4q0p1cf1b10y6rp86ew8kxasb3c1e96qjs6xnqt47rjy%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hy6q8k66h854hhz8mpz84ed79zgzracg8mgbb9kqmgan3s4ay040qmgxwz47y47qcsv44c2cjctvaw746yt4k2kqb12zrx8mnq055y4rm1jbn6bt8zppq9ps6045trermzpfeqd6x9k51p6wcmj963rrrbz6n5r97zrdba9pqtgp9df7k03ke2c8e10qghj8pdcywxd1x9bq88drmckx24e00rz8cx9m86txwnyn2tjyggmbk6xdpzc5aa9jvkbtcbn61tw7kj7q4dngj9gmdwjxg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%252526client%25253Dca-pub-7968146525597976%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C183975&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=300&d=250&e=&g=3c91070b0242c757c02eeac75cf1ad1e%2F10874526469593299201&i=71725%2C29981%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993167635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hy6q8k66h854hhz8mpz84ed79zgzracg8mgbb9kqmgan3s4ay040qmgxwz47y47qcsv44c2cjctvaw746yt4k2kqb12zrx8mnq055y4rm1jbn6bt8zppq9ps6045trermzpfeqd6x9k51p6wcmj963rrrbz6n5r97zrdba9pqtgp9df7k03ke2c8e10qghj8pdcywxd1x9bq88drmckx24e00rz8cx9m86txwnyn2tjyggmbk6xdpzc5aa9jvkbtcbn61tw7kj7q4dngj9gmdwjxg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.154.56 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-154-56.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
21cb120ffb0c5fd17572715c7861c384205fcba70cfb5b15f5b13621f319500d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:28 GMT
last-modified
Wed, 11 Oct 2023 02:59:27 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 11 Oct 2023 03:00:27 GMT
link.html
track.webgains.com/ Frame 6F77 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&js=1&nw=1&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C183975&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=300&d=250&e=&g=3c91070b0242c757c02eeac75cf1ad1e%2F10874526469593299201&i=71725%2C29981%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993167635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hy6q8k66h854hhz8mpz84ed79zgzracg8mgbb9kqmgan3s4ay040qmgxwz47y47qcsv44c2cjctvaw746yt4k2kqb12zrx8mnq055y4rm1jbn6bt8zppq9ps6045trermzpfeqd6x9k51p6wcmj963rrrbz6n5r97zrdba9pqtgp9df7k03ke2c8e10qghj8pdcywxd1x9bq88drmckx24e00rz8cx9m86txwnyn2tjyggmbk6xdpzc5aa9jvkbtcbn61tw7kj7q4dngj9gmdwjxg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.154.56 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-154-56.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:28 GMT
server
awselb/2.0
content-length
45
content-type
text/html
latfpkws.js
learning.adbot.tw/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://learning.adbot.tw/latfpkws.js?h=008e42f85bfd96ae8feecd9237d81b3d
Requested by
Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/bootstrap.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.32.50.234 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.50.234.vultrusercontent.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame B722 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1076401073003&version=m202309260101&ct=76&x=1&cor=5369717108827390000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 6F77 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gkwzrn122nqjkkpsj155kya9qbb6022ye4twbjzdm344yvn7ndqnpn4z5b6z7c37exef1dnzfqxdgx1yzc68ts4ezzbgmehyzgen7evdce9jgs1e2eq0qg7ga5nyhv214eq0asyje7yh3h5pp9avq4xt87bf1q83vnmz6xkhxgwd6tc817rpktspq9r13dayjgf2d7vgwxq2ebynahtpcbez4q0p1cf1b10y6rp86ew8kxasb3c1e96qjs6xnqt47rjy%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hy6q8k66h854hhz8mpz84ed79zgzracg8mgbb9kqmgan3s4ay040qmgxwz47y47qcsv44c2cjctvaw746yt4k2kqb12zrx8mnq055y4rm1jbn6bt8zppq9ps6045trermzpfeqd6x9k51p6wcmj963rrrbz6n5r97zrdba9pqtgp9df7k03ke2c8e10qghj8pdcywxd1x9bq88drmckx24e00rz8cx9m86txwnyn2tjyggmbk6xdpzc5aa9jvkbtcbn61tw7kj7q4dngj9gmdwjxg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%252526client%25253Dca-pub-7968146525597976%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-63.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
761cff5428e8aa5d947284cdaa6d9f6e9d0fe755909c364f807ee5c23ddb8dcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 10:03:45 GMT
content-encoding
gzip
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 14:06:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
60944
etag
W/"2c13a74e288a2942ad3d2af9bad52cdf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
7S4HPcOsQ6GrAbqLLuHYbYaZ5DJOCsZyt4p20VevLoZxh1fFZP9Xhw==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 6F77 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1696993468&Signature=EARGw9aZlxwqD-G9LSu1ooN-k9KjGd77uffTbjMn~YiqF1ckXZ4-3gbIfNd9AXSz6vVRwntb600srNO21iHEu-RX8EMHit9yEEYXXZZn5~y76kMjBEC3RVHUkHPX3pVqBXZ12mtsGucrMkGE0eSbJG9j3fauSte2K6h~pEik4Pi5hZosEoOdugF7MSDxf8YpwaAu9PbOgYNEOcBoFFjnCRxM08IcuKVHZqCzEjDqMVECnU7ZMaLBCh9TR~7U3iIIwus47LGniIBBQJB-WpC2qI1fOxZr9ztwmEk0messvnhFkX2F5QeLRVDmnJgROE3Dr82IxtzVi7eQZwwxJYyO4g__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C183975&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=300&d=250&e=&g=3c91070b0242c757c02eeac75cf1ad1e%2F10874526469593299201&i=71725%2C29981%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696993167635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hy6q8k66h854hhz8mpz84ed79zgzracg8mgbb9kqmgan3s4ay040qmgxwz47y47qcsv44c2cjctvaw746yt4k2kqb12zrx8mnq055y4rm1jbn6bt8zppq9ps6045trermzpfeqd6x9k51p6wcmj963rrrbz6n5r97zrdba9pqtgp9df7k03ke2c8e10qghj8pdcywxd1x9bq88drmckx24e00rz8cx9m86txwnyn2tjyggmbk6xdpzc5aa9jvkbtcbn61tw7kj7q4dngj9gmdwjxg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdZGjg8mZer4B_X33wOKlrKICpDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTc5NjgxNDY1MjU1OTc5NzbIAQmpAnoQ32YYyrE-4AIAqAMByAMCqgT7AU_QXTlnW0RuRvIhtLTp7krK7JljKpy_sbG4nlzIDFbLH5psdHzo1q-s9S2m8MAGoNglQAH2o6hK7JOGvbbAkvmq_k4rzrFALzCONuxBVsdKw5D50hdGonjDNEmJEBVIUB6zgj2ayz-trEXtK7ZmH_E5sF0qb7eCkcrjXx4te0QMdsIC0RSKPi_TbMzNpf0uLusaPaVqPvjppwThV8SMmQelmr3iJQbt1pb9Pl9TUeYw9tmZZt-f-VcN9rpv7PNGjMegHFYzaCcdrHc8az797DdYkkB_t6DsXemKjoZvMVDFJoonUI5uW1GZDcqJ68UVcbHKKw1V9p2Kkqzv4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc1NjAyNzcxOTA3MTM0NzD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ncEN1h2AFZB8aAw3GkcUAj0CNtA%2526client%253Dca-pub-7968146525597976%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 10 Oct 2023 05:06:32 GMT
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
78777
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
9EQJmfXGh5jksh3r8tQRK4lLRYfRyZEm4eHQrFPlDF-HH3EJXS1N_Q==
activeview
pagead2.googlesyndication.com/pcs/ Frame DAC4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9M0GOKKtwLKdrEUBnSDuI4FuTRnp-EVynKAM7N6vtFtVBADOsHmHltU3FDP669zBAIdALNN2aBAgLEwL2bKmY-MztpQIY_oG-do5z&sig=Cg0ArKJSzBJSvZm-7xRhEAE&id=lidar2&mcvt=1011&p=1008,1083,1258,1383&mtos=0,1011,1011,1011,1011&tos=0,1011,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=20&adk=3109226947&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1696993166508&rpt=560&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ppiiad-DTgeneral.min.css
brain.adbot.tw/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://brain.adbot.tw/css/ppiiad-DTgeneral.min.css
Requested by
Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/bootstrap.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.137.103 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.137.199.104.bc.googleusercontent.com
Software
/
Resource Hash
e12da6309c50c072343e9638e1754cafa221369cb8a172460dc67c40e2c79c72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 02:59:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Mar 2019 07:34:00 GMT
ETag
W/"5c7e2668-22f0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=3600
Connection
keep-alive
Expires
Wed, 11 Oct 2023 03:59:29 GMT
collect
www.google-analytics.com/j/ 		16 B
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=235679897&t=pageview&_s=1&dl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&ul=en-us&de=UTF-8&dt=2023%20%E5%8F%B0%E7%81%A3%E4%B8%8B%E8%BC%89%E7%99%BE%E5%BA%A6%E7%B6%B2%E7%9B%A4%EF%BC%8C%E5%85%8D%E8%B2%BB%E5%85%8D%E7%99%BB%E5%85%A5%E3%80%81%E9%82%84%E4%B8%8D%E9%99%90%E9%80%9F%E7%9A%84%E4%B8%8B%E8%BC%89%E5%B7%A5%E5%85%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=1649630624&gjid=2122502108&cid=763117398.1696993162&tid=UA-89480192-23&_gid=841859131.1696993162&_r=1&_slc=1&z=216828729
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9a3d2c0e8951e1aa01c1baa56872a429f0e3ed68f52bb3d424e6c9dd49bc5197
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dacota.tw/blog/post/antdownload-2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
agent.min.js
learning.adbot.tw/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://learning.adbot.tw/js/agent.min.js
Requested by
Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/bootstrap.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.32.50.234 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.50.234.vultrusercontent.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
au.js
a.breaktime.com.tw/js/ 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.breaktime.com.tw/js/au.js
Requested by
Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/bootstrap.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1fe73b5cbe63fba9da27a2870372c6733ddd2e78e5fe556bb4b37dca6891311f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 11 Oct 2023 02:59:29 GMT
content-encoding
br
last-modified
Tue, 20 Jun 2023 01:51:40 GMT
vary
Accept-Encoding
x-azure-ref
20231011T025929Z-7ub45k8d953m577708qtm2fs8400000004u0000000007cfm
content-type
text/javascript
x-ms-request-id
5a1cc5c4-d01e-0048-149f-f7bfd6000000
cache-control
public, max-age=1800
x-cache
TCP_HIT
x-ms-version
2009-09-19
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dacota.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 07:35:16 GMT
x-content-type-options
nosniff
age
415453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 07:35:16 GMT
tracking-event
api.webgains.io/ Frame 6F77 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.135.155.178 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-155-178.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 11 Oct 2023 02:59:29 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.135.155.178 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-155-178.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 11 Oct 2023 02:59:29 GMT
server
nginx
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-89480192-23&cid=763117398.1696993162&jid=1649630624&gjid=2122502108&_gid=841859131.1696993162&_u=aADAAUABAAAAACAAI~&z=1790318572
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dacota.tw/blog/post/antdownload-2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 11 Oct 2023 02:59:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-72S5HXE98M&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca4c8aac79ea118e54dd79e573877fd98e6ab9c97de4d04910d3e3b8a67f7a20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83156
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 11 Oct 2023 02:59:29 GMT
ypa
cell.adbot.tw/ 		98 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cell.adbot.tw/ypa?tt=%E7%A0%94%E7%A3%A8%E6%A9%9F&partner=65f83b54b5ef87a67c83759c48c29205&callback=_pi_adbot_func.desktop_general_callback&label=bottomfloat&_=1696993166315
Requested by
Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.137.103 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.137.199.104.bc.googleusercontent.com
Software
/
Resource Hash
be8ac1c90f25b196f69a4199f3c5805450aadc2e11fce4f4496fa42d76a05c84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 02:59:30 GMT
Content-Encoding
gzip
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=235679897&t=event&_s=2&dl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&ul=en-us&de=UTF-8&dt=2023%20%E5%8F%B0%E7%81%A3%E4%B8%8B%E8%BC%89%E7%99%BE%E5%BA%A6%E7%B6%B2%E7%9B%A4%EF%BC%8C%E5%85%8D%E8%B2%BB%E5%85%8D%E7%99%BB%E5%85%A5%E3%80%81%E9%82%84%E4%B8%8D%E9%99%90%E9%80%9F%E7%9A%84%E4%B8%8B%E8%BC%89%E5%B7%A5%E5%85%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pi_adbot_improve_ad&ea=autoOpen&el=bottomfloat&ev=1&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=763117398.1696993162&tid=UA-89480192-23&_gid=841859131.1696993162&z=753676914
Requested by
Host: dacota.tw
URL: https://dacota.tw/blog/post/antdownload-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 19:37:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26543
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-72S5HXE98M&gtm=45je3a90&_p=235679897&ul=en-us&sr=1600x1200&cid=763117398.1696993162&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&dt=2023%20%E5%8F%B0%E7%81%A3%E4%B8%8B%E8%BC%89%E7%99%BE%E5%BA%A6%E7%B6%B2%E7%9B%A4%EF%BC%8C%E5%85%8D%E8%B2%BB%E5%85%8D%E7%99%BB%E5%85%A5%E3%80%81%E9%82%84%E4%B8%8D%E9%99%90%E9%80%9F%E7%9A%84%E4%B8%8B%E8%BC%89%E5%B7%A5%E5%85%B7&sid=1696993169&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72S5HXE98M&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
checksum
api.dable.io/items/services/dacota.tw%2Fzimedia/id/dacota-136611/ 		94 B
246 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dable.io/items/services/dacota.tw%2Fzimedia/id/dacota-136611/checksum?callback=dbljson3
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.38.235.130 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-38-235-130.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1e1af7565ddfa9c71422054753637715ec23d24536c8e3ff7b23abce72b46c2b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
nginx
etag
W/"5e-7QoK2CiI4Sp99dtwiQ6syKiuGlA"
content-type
text/javascript; charset=utf-8
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-FBS0VZNK7P&gtm=45je3a90&_p=235679897&cid=763117398.1696993162&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1696993164&sct=1&seg=1&dl=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&dt=2023%20%E5%8F%B0%E7%81%A3%E4%B8%8B%E8%BC%89%E7%99%BE%E5%BA%A6%E7%B6%B2%E7%9B%A4%EF%BC%8C%E5%85%8D%E8%B2%BB%E5%85%8D%E7%99%BB%E5%85%A5%E3%80%81%E9%82%84%E4%B8%8D%E9%99%90%E9%80%9F%E7%9A%84%E4%B8%8B%E8%BC%89%E5%B7%A5%E5%85%B7&en=page_view&_ee=1&epn.dimension1=5225&_et=6
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBS0VZNK7P&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 02:59:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dacota.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
update
api.dable.io/items/services/dacota.tw%2Fzimedia/id/dacota-136611/ 		65 B
191 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dable.io/items/services/dacota.tw%2Fzimedia/id/dacota-136611/update?title=2023%20%E5%8F%B0%E7%81%A3%E4%B8%8B%E8%BC%89%E7%99%BE%E5%BA%A6%E7%B6%B2%E7%9B%A4%EF%BC%8C%E5%85%8D%E8%B2%BB%E5%85%8D%E7%99%BB%E5%85%A5%E3%80%81%E9%82%84%E4%B8%8D%E9%99%90%E9%80%9F%E7%9A%84%E4%B8%8B%E8%BC%89%E5%B7%A5%E5%85%B7&image_url=https%3A%2F%2Fimg.dacota.tw%2F2023%2F02%2F1675416809-f036c2a7d641e6e28c53b2bd4821cfe0.jpg&price=&author=%E9%9B%B2%E7%88%B8&currency=&sale_price=&sale_currency=&availability=null&category1=&category2=&category3=&custom1=&custom2=&custom3=&custom4=&custom5=&published_time=2023-02-03T09%3A33%3A41%2B00%3A00&url=https%3A%2F%2Fdacota.tw%2Fblog%2Fpost%2Fantdownload-2&body_length=496&callback=dbljson4
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.38.235.130 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-38-235-130.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2a03fb4b5919e5b637568d74b2ae96d11a22a0ccaa32ece91c1337f269677099
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
nginx
content-type
text/javascript; charset=utf-8
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4021545012034144&plah=dacota.tw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6fde28d6f3c137293a6cbbb9d4f4d1a53d85901ebfc05759ad330bb70f44fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12010
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4021545012034144&plah=dacota.tw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 02:59:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A454 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dacota.tw/blog/post/antdownload-2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
25895
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 19:47:55 GMT
expires
Wed, 09 Oct 2024 19:47:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 51D1 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
970908c3ab9f227006a8071368ceeffc62bd16defde7c5c5278b63111013eec2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Fr7xymI6qPwIHyEpp-IDgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dacota.tw/blog/post/antdownload-2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Fr7xymI6qPwIHyEpp-IDgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 02:59:30 GMT
expires
Wed, 11 Oct 2023 02:59:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame A454 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 19:47:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
25896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Oct 2024 19:47:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 51D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=1759565397619036&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame A454 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?uZlz6A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:59:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=1759565397619036&bg=!JySlJGvNAAbjlzx0w5c7ADQBe5WfOCruWsLo604hhHfmxQB8uxqeR5FsKUlaQEWQhXSD6ycrSMyEwdVcMI-vk30Z3_ylAgAAAKJSAAAADWgBBwoADawmViSuf1GHXB_AhDuZAq2TpppLi-LlugAa2TXa7wUJvrvKoTttRgEbevS2y37SeYpFqdimwd2tBXtPE9yZEcfwfNwlD51mC-q1HoegJZCs-zKGUnzLEFvZSH67TYpst9SFWgT6uq8apLmxRtklnonxZcM9pt5Nn5-4-JNWHSYUPFGBzrMpxp-yXsYoSb_zALByr2q8bTMoRmoD4BT1_hOwJ-7vXNFjb-8OJ00SCyDL8lfVZRr13PPHaYRWx3Y6oYpvPjG5mGXFem3JXLCWuUgzrzOMxZsArLvVCm2hyhFlmpqOy5c6Dq_tnSASJPOxeZZSds2ETcGdVafOW7B4W_uQPOyOWxR7pbFP_mz03o320RuuMS_fM-Nfz_V2PnS0UH3nxYSxkNOYnWiV12MZGUWDIx3uGTPHzAjU-ZECMvQ7GvhtjOaduoo5KKLf1EnXJbVSxUVhkFZVowp462wBSZyEQ1OfhcQS2sOq7LXrcY_tXIB27IoLGumpVscgrFtW_2NS8HoP1LrlA_Z4grP8adF3cxep0t0qvIPEz_4WQM6oY7A83D-QA7_NLpxdI-9qUSxhP06OXHl6b6goJaY9dCw_qXhBxFTfca22OS-fNEnleiH9URF8aw2nCe5uAVQkZoSrnPXeHuoKrkCwigYC1rQPkmnV9AruE6yaKax1WKxYe3wJLSjSTJDGfiYmyG_4CM6h-1zuHUE_1-p0i5JFgYWY5VGOs3NXxsh_9PmMuTRtlG8WY5ur_Mg50cmgcs-Y_xmD05G4ZoZWgw3bA9GhOOMu1jGNk8jAiltLCa46LaiboZDMgDEGzD5JUkhQx2rygTWKCBX9OjO0k0Ov36KUzzPSXmOTI8ImUKXHNzUx4bVvneLdojIDDU-7SBA1kD1QiAVZgdaH7eN28YgZcK9pHTNompsZ7f9ewOLFky4-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dacota.tw/blog/post/antdownload-2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

264 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| dataLayer object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint function| shouldTrack function| hasWKGoogleAnalyticsCookie undefined| $ function| jQuery object| WPdTreeSettings function| dtNode function| wpdTree function| gtag function| google_spfd number| google_unique_id object| google_sv_map object| cat1 function| dable object| googletag string| GoogleAnalyticsObject function| ga object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| addComment function| ga_skiplinks object| _stq object| twemoji object| wp function| st_go function| linktracker_init object| wpcom string| host string| source object| script object| imgurEmbed object| regeneratorRuntime string| partnerResult object| pbfp object| FlickrEmbedr object| container object| adsenseCode object| gaplugins object| gaData function| dbljson1 object| pbjs object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_142 object| Criteo object| Criteo_identitytag_142 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 string| btadimpdbgcd string| btadimplog object| btScanElementsContainer function| getDevicePixelRatio function| getSizeToFit function| getPhotoForDisplay object| displayOptions object| supportedTypes object| _33across function| zi_func_psb_googleTextLink object| m function| ziFuncGetAuInfo function| initialSizeArray object| reA object| reN function| sortAlphaNum function| moveToFront function| getElementWidth object| containers object| ad object| bt_data function| dbljson2 boolean| affiliationLoad function| getCampaign_async function| getKeyword_asnyc object| ziCampaign function| getCampaign function| getKeyword string| zi_keys function| showAds function| callDfpAds object| w_adbot object| d_adbot string| _adbot_partner_id object| _adbot_keywords object| _adbot_slots string| _adbot_color string| _adbot_label object| _adbot_ext_propeller object| _pi_adbot_bootstrap function| jQueryPi object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| _adbot_partner_config object| _adbot_backup_keyowrds object| _adbot_backup_keywords object| _adbot_ip2location function| Cookies function| pimd5 object| _pi_adbot_slogans object| _pi_adbot_desktop_slogan object| _pi_adbot_mobile_slogan object| _pi_adbot_desktop_icons string| _pi_adbot_mobile_icon object| _pi_adbot_lineads object| _pi_adbot_func object| jQuery1124018085708396500433 function| dbljson3 function| dbljson4 object| GoogleGcLKhOms

69 Cookies

Domain/Path Name / Value
.dacota.tw/ Name: _ga_J4GY2HPNY1
Value: GS1.1.1696993161.1.0.1696993161.60.0.0
.dacota.tw/ Name: _gid
Value: GA1.2.841859131.1696993162
.dacota.tw/ Name: _gat
Value: 1
.dacota.tw/ Name: _gat_UA-106322328-7
Value: 1
.dacota.tw/ Name: _gat_UA-223359337-1
Value: 1
.dacota.tw/ Name: _ga_QH5CZ9461Y
Value: GS1.1.1696993162.1.0.1696993162.0.0.0
.dacota.tw/ Name: _ga_GS773KMQKY
Value: GS1.2.1696993162.1.0.1696993162.0.0.0
.dacota.tw/ Name: cat_trid
Value:
.criteo.com/ Name: uid
Value: f552819f-880c-4903-9a37-22a7888c7315
.openx.net/ Name: i
Value: 481bfe94-3c48-422d-9a97-bfc4bf471748|1696993162
.dacota.tw/ Name: _gat_UA-135689988-1
Value: 1
.dacota.tw/ Name: connectId
Value: {"lastUsed":1696993163318,"lastSynced":1696993163318}
.dacota.tw/ Name: cto_bundle
Value: 2JM3CF9VSnNqUG9oTnJjWVBzM2xMRDJ3WGRJb3NDY1JEUEZVY1FGenZMVTZidjRQJTJGTHdWN2tIRFZEMFg1MFN1amRXR01uNzJJaHg0ZHRvQmltczQ5NVVNVEE3RklvV0x3RFNmVHp5TExCSlZkcSUyRnMzVVRRQTlDUndRMnlYTnlYOGVnblIzeEdMN0tiSHdDbUtBQjNSOVI5MmFBJTNEJTNE
.dable.io/ Name: _gg_ck_match
Value: 1
.dable.io/ Name: _nas_ck_match
Value: 1
.dable.io/ Name: _nh_ck_match
Value: 1
.dable.io/ Name: _gn_ck_match
Value: 1
.dable.io/ Name: _kko_ck_match
Value: 1
.dacota.tw/ Name: dable_uid
Value: undefined
.dacota.tw/ Name: _ga_3DCCEXXFQP
Value: GS1.2.1696993163.1.0.1696993163.0.0.0
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2291F60127-BB04-462A-137A-639F43AB98CC%22%7D
.adform.net/ Name: C
Value: 1
.dacota.tw/ Name: _gat_gtag_UA_230439076_1
Value: 1
.w55c.net/ Name: wfivefivec
Value: uu5TOaqe1QQprt5
.yahoo.com/ Name: A3
Value: d=AQABBIsPJmUCEErxhZZ2ma9gHVqD_K1PBbMFEgEBAQFhJ2UvZQAAAAAA_eMAAA&S=AQAAAsIdi60K-kqXZfU77oQ-HhQ
.adform.net/ Name: uid
Value: 6139745507393422475
.w55c.net/ Name: matchgoogle
Value: 5
.turn.com/ Name: uid
Value: 7058434395735736302
.toast.com/ Name: BID
Value: Y2LKXRBLQB3GA9954ENMAOMLA
.toast.com/ Name: txmed_1440080439
Value: 00000000.0000000000000_:_EXP_:_1712545164
.toast.com/ Name: txsync
Value: 1696993164
.doubleclick.net/ Name: IDE
Value: AHWqTUnfivnTc6vxcIoBF6bbPQ2VDZnSPKV-sESyvUJK73iSAqJ9h-4pELrUe19kknk
.dacota.tw/ Name: _ga_FBS0VZNK7P
Value: GS1.1.1696993164.1.1.1696993164.60.0.0
.dacota.tw/ Name: __gads
Value: ID=54249db55538aea8:T=1696993162:RT=1696993162:S=ALNI_Mb2ileGoToCO53Bafg04KVg-GmUeA
.dacota.tw/ Name: __gpi
Value: UID=00000c94a2056f1f:T=1696993162:RT=1696993162:S=ALNI_MbVc5yWED3jMop-JC59K297CVn6SQ
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: APC
Value: AfxxVi7N65HGKqcyZcLSghxSPtI5gsWuHzbrUQtO6vcpmliXM_WF9Q
.googleadservices.com/ Name: ar_debug
Value: 1
.casalemedia.com/ Name: CMID
Value: ZSYPjfbL8ilQGflWJ.dabAAA
.casalemedia.com/ Name: CMPS
Value: 2226
.casalemedia.com/ Name: CMPRO
Value: 2226
.ad.daum.net/ Name: DSPR
Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220231011%22%2C%22u%22%3A%2200000000.0000000000000%22%7D%7D
.adnxs.com/ Name: uuid2
Value: 4665321157689879354
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$QmmJhi!]tbPl1M>e)ZlrFUfJ+tGXxp6X9o1AI3[pqPM_Eda:dg/KN(J%NS(b'+*]Eh*bpRz*qF1`*b_+r)rF[]
.adfarm1.adition.com/ Name: UserID1
Value: 7288530145218197661
.3lift.com/ Name: tluid
Value: 3126841581236418862486
.ctnsnet.com/ Name: cid_85d3c78ad604448085acf1b69a375e08
Value: 1
.ctnsnet.com/ Name: gid_CAESEP3izqSvLiBmUSOExe0l2Po
Value: 1
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.de17a.com/ Name: guid
Value: 1.6222847399090326113
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0a114b25-db00-4a0d-987e-897c333c22d8-003%22%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A0E843B3-CF17-48B7-9BC7-F49449213FAC
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0a114b25-db00-4a0d-987e-897c333c22d8-003%22%7D
.csync.loopme.me/ Name: viewer_token
Value: c01a8213-3375-4220-b2db-f6c6ed8cbdec
.lijit.com/ Name: ljt_reader
Value: Hd0TqGZHZYxid7qHSH-RIbwY
.ds.kakao.com/ Name: DSPR
Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220231011%22%2C%22u%22%3A%2200000000.0000000000000%22%7D%7D
.awin1.com/ Name: awpv14702
Value: 412871|1696993166|304e9430-67e2-11ee-af9a-22368e271443
.blismedia.com/ Name: b
Value: 65260F8F549623B455729911BLIS
.tribalfusion.com/ Name: ANON_ID
Value: aRnt6ZaPME7eQmKvCjWxrcbFpTqMQr9fCVFbkZb0OSbaYVUagHPI09YZd51nwYBofZcdvrfv7vOZdUTYCvNTcSPZaDbxGivTPJ
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY5Njk5MzE2N3ZsZWExZGUyMDIzMTAxMTA0NTkyNzg5NTY5NzY2Mzg1WDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWRiUWVhUWZaZmRqZEhZSGJIenRLdHd3OFViU0pUTUFtaDIzUkVvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTI4X1dFQkdBSU5TTU9TVExZMTIwMjEx
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023101104592789569766385X120211V1226132702MSviewoneidbQeaQfZfdjdHYHbHztKtww8UbSJTMAmh23REoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY5Njk5MzE2N3ZsZWExZGUyMDIzMTAxMTA0NTkyNzg5NTY5NzY2Mzg1WDEyMDIxMVYxMjI2MTMyNzAyT
.awin1.com/ Name: awpv20044
Value: 412871|1696993167|3107f920-67e2-11ee-af9a-22368e271443
.awin1.com/ Name: AWSESS
Value: 415363:2904924
.dacota.tw/ Name: _ga
Value: GA1.2.763117398.1696993162
.dacota.tw/ Name: _gat__pi_adbot
Value: 1
.dacota.tw/ Name: _ga_NCBMBRV2DM
Value: GS1.1.1696993164.1.0.1696993169.0.0.0
.dacota.tw/ Name: _ga_72S5HXE98M
Value: GS1.2.1696993169.1.0.1696993169.0.0.0
dacota.tw/ Name: pi_adbot_fac
Value: true

9 Console Messages

Source Level URL
Text
network error URL: https://images.zi.org.tw/dacota/2016/12/25012518/1527182717-efe7ba524df3cc3bb5e6da601e97b991-1024x447.jpg
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://cs.gssprt.jp/yie/ld/cs?dspid=dable&uid=00000000.0000000000000
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&js=1&nw=1&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://learning.adbot.tw/latfpkws.js?h=008e42f85bfd96ae8feecd9237d81b3d
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://learning.adbot.tw/js/agent.min.js
Message:
Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

88befe4305ba35b97b60f7ec22e231a6.safeframe.googlesyndication.com
a.breaktime.com.tw
a.tribalfusion.com
act.ds.kakao.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.travelaudience.com
alliance.breaktime.com.tw
analytics.ad.daum.net
analytics.webgains.io
ap.lijit.com
api.dable.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
bcp.crwdcntrl.net
bidder.criteo.com
brain.adbot.tw
breaktime.tw
c1.adform.net
cat.nl3.eu.criteo.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.track.production.webgains.team
cell.adbot.tw
cell.adbottw.net
cm-exchange.toast.com
cm.g.doubleclick.net
connectid.analytics.yahoo.com
cs.gssprt.jp
csync.loopme.me
d5p.de17a.com
dacota.tw
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
embedr.flickr.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
gene.breaktime.com.tw
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imageproxy.eu.criteo.net
images.dable.io
images.zi.org.tw
img.dacota.tw
invstatic101.creativecdn.com
learning.adbot.tw
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pixel.rubiconproject.com
pixel.wp.com
pm.w55c.net
power.adhacker.online
powerads.breaktime.com.tw
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r-log.dable.io
r.turn.com
region1.analytics.google.com
region1.google-analytics.com
rtb.nl3.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.imgur.com
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static-de.ad4mat.net
static.adsafeprotected.com
static.criteo.net
static.dable.io
stats.g.doubleclick.net
stats.wp.com
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
t.adcell.com
tags.crwdcntrl.net
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
ups.analytics.yahoo.com
us-u.openx.net
widgets.flickr.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
103.153.177.11
103.224.182.253
103.243.202.190
104.18.26.193
104.18.35.167
104.199.137.103
104.208.76.145
13.43.154.56
133.186.12.16
142.250.185.230
142.250.186.98
142.250.74.194
146.75.116.193
162.19.138.83
167.233.13.224
172.217.18.2
178.250.1.6
178.250.7.11
178.250.7.13
18.135.155.178
18.66.122.63
184.31.93.220
185.64.190.78
185.86.138.154
185.89.210.101
192.0.76.3
2001:4860:4802:34::36
211.249.220.158
213.155.156.180
216.52.2.6
23.205.93.33
23.212.218.19
2600:1901:0:76b9::
2600:1f18:1aca:4281:a723:103f:3bdb:6540
2600:9000:211e:4600:1b:5138:8a40:93a1
2600:9000:223c:7400:10:dd8:5e40:93a1
2600:9000:223f:c800:8:48e:53c0:93a1
2600:9000:2250:800:a:e047:753:6381
2606:4700:10::6816:3456
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700:3032::6815:3fd5
2606:4700:3036::6815:eb9
2606:4700::6810:5514
2606:4700::6812:18ad
2620:1ec:bdf::45
2a00:1450:4001:801::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:828::2006
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c03::9b
2a02:2638:3::9
2a02:2638:3::c
2a02:2638:d::13
2a02:2638:d::2
2a02:2638:d::a
2a02:cb40:200::242
2a02:fa8:8806:13::1370
2a05:d018:d29:3605:baeb:931e:26a0:842
2a06:98c1:3121::3
3.38.235.130
3.71.157.32
3.75.62.37
34.102.146.192
34.120.135.53
34.243.151.27
34.96.105.8
34.96.70.87
35.186.193.173
35.190.0.66
35.214.145.237
35.227.252.103
35.244.138.40
35.244.159.8
35.71.131.137
37.157.2.228
43.200.46.95
45.32.50.234
46.228.164.11
46.228.174.117
51.38.120.206
52.222.236.10
52.57.181.189
54.217.255.105
54.235.188.253
65.9.66.122
69.173.144.138
76.223.111.18
84.200.5.215
85.114.159.118
99.86.4.52
01b53b891f4bb2098d700fc629056d47d3628ecfe3e5707bd6ac327aa9c77bd5
01c9b002357c501ff1918ac4123df85dfa2e6fdd0e6968d54dd1b62a08dda71d
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01d47363c6d9daaf573997c9349b00626d85e4f5bb08f4649b62c7b7555e0e4c
01e03a5cafab847cd0202a814a45701841ecc61e2375c2ae9ba03a60ef6f7ebc
02665c58316db0ab75a66eecee22d9b2c33bebeb014c3da779e868457f659e34
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04f14fa3b7d28a834a50d60c4d37a89e313178dc243f7edea39feefc38c93467
058d2488f4d26d53cf94a6739b9800ac2d9897baa61a920a66e758129fc7b0bb
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
0686aef685b6f3861f227590f0a5d4409023bd6e29bfb57f626175c7473140e9
07517f91e27cc8d4d0dab9be8a59c1d24959d19abc0578a0d17224e487ea577f
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
099d96635ecab0dc36abcb344e531fb76ea0257ade5a97f0421fee84fcf44b91
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb09a13895c483c408f34af2d161559c9e0a8a4453e2804454f93ec424b098f
0be0681a69edf14fc0b6ad56490cd060ce459c88fe603e173266536dc9a4ab99
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144ace469f26fc506471e904f48683767bee4669da12248d1fb12a3d0c236e83
1454bf866baff7935127bb34e8269d8a9c837e3d8dfe4f81056048747cae76d5
14f88b30b4223c42fec632e214f164fa42a2f37ce0579adced90b7bfb7b713af
152c84e46b3466b723a4cb9bacbbce881a1fd9af042dfa716eaf02df28d6ad7d
15c0cca5a6be3aab16397f9794bd3764e52f3c830db64abf7b461e35c19111ad
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1821b594f6623d1e956c5e6cd8a947df9ec840a5ff754c7fb082bad8628298e1
19aaa87c8184f65551d5c44d78d03aa8230d28c7c04d142f731f0fa129fd9cdb
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
1a9b6c8a24c5b588a39f6f11ef9457a5719c8242e4790b1f4359274ceb4bbdee
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d3b69e566e2cd5f765f8770eddf23898ef863c0a74475e084a13cbce24234a8
1e1af7565ddfa9c71422054753637715ec23d24536c8e3ff7b23abce72b46c2b
1fe73b5cbe63fba9da27a2870372c6733ddd2e78e5fe556bb4b37dca6891311f
21cb120ffb0c5fd17572715c7861c384205fcba70cfb5b15f5b13621f319500d
22f73d221b180dff232c3000e00aa84dd9155cd7abb69d07c4a0abac2707c190
23695b7a3c6321be4eba15114165127101c524aed6d75ad8c15d0b3bdfaffb32
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27606407f29bba2a8e8689d2e38a2a0894e33e91dd1b8676bb36b4918324c44c
28082b789e96ff1f1eabcbb5f7821980740883585a91a40848f1879d616e993a
2832c93ada0b6b4cecfc1cb12191921dcdd570fc5fcc54f7a5da359df716a061
293efabe8c9d4314f5fbddbc95bf9c9d61f612a48d94d27ff3bb948522315fb2
2a03fb4b5919e5b637568d74b2ae96d11a22a0ccaa32ece91c1337f269677099
2a782bcfd225befdc24238ade3ac94b33577f3a5e32d1e129415c2ca4e9dee7e
2d2358b722628a6bee49b6b0c16933ca02a310bd2e29aabf0c33a874cdf350f5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30126d6808ce1cdc8f5af7b7f338ae31de58fa4bd415776c04ff1f26e2c3af64
307378ffc72dfa9b68fb44cdb998c77976d324d413d5c072e0521a5d7c8c1fef
30f8014de94e476123b4dbec0e08e89466fb692a6fcc99433488e74c43b19b79
310de9600c8bb44cc93f7917cf8285ebd1ad24620773adf3f2df4e5e0db9dfd1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316ce5814490d1f05570902695f20386422fd6147803fe01e39d7cea076a712c
3204abe3e48b3acefee070cb6e5717087e56b8cd9b3a83f6734010715bac0186
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
348d13301ff01a717d0df02099da13dbc756549c16244eb6bbd16bfc5dce935f
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d1cc19c30936ba91c00ecde3eea5bd2fa034cff3e3b68b5ae9106f0e1291f13
3e031ee2b6307161e852ef731954de0f13930fb0c43596f11ce825aa6a0019a9
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b61c4001561290878374ccaeb83fc4ca25080eeea8fde71b4f5333de0acecd
4588cb513cac3531119371b3bc4167c41d95f0ba445ebbe33587b4fed43216bc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47c16416da729fa31f12f29e7e1fe15979ffd5e62835a069976cd39558b4a189
48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49f1b76fba70b4c734908e2bde1db752ff83c60771843a03063952c1849ebaff
4aaa9ae97c61df3ecda893f4d208377e3e6b8170091378053abfc74cb8c23c43
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b968dd9042b119b4c62bb90938d7cc8aaaa841f12e8060fa9198b6730a07e6d
4be697ac695f2c11c2a9ab7075cfa7ca9cf2723baf62cfe8c913a3bb2ca56917
4cb8f074eb7ba1005c015814cb04be288fc301f45b4b6cabd9e281c36cfbc5b3
4ce5be1266bcc413dfb04d3018c10f3fa33d87343085e6d8ff7b5ac7dd5ca56a
4d5630e6cb7cdcca363cf81a7eb4a09202835166a613c002a27fac54fa87ba50
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
4fe5f1b7dd077dba33e2ae25d8ee9826381c385637b3b70f8d27890a79f7bea5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55fc10baa9c6fa8d98acac31beba1be0e8f688344f243dea838b5b03e8566a3c
5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527
579fcceb4d2fc98f5fa05b85af39bf03e17375496a2095e3a94ec55405757416
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5a7ce8ae0b9b456213f9bebc68c88a5f33166529a46c5fcf1bb6834b3b425c88
5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d768634a29c575842036df911561eaffe49035fac81e0c47a1fe09df13511c1
5dc0faa40873de0c227c9ebcf37429e5eec4add10121b293646f6fee649f147f
5ea69e3eef164da10ec76a130db8fbd54e8465128f0ceb56a2a5c858256ad876
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5f90f8ac8505852baa5300c6521af0653d4e93c42eebff7e18331c3e4b058a18
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
614b7ec13a90ba6d042e66e99e31d44d8e81dd4d3a9338debfca5bf500405b91
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
63364dafa388fda022de7a67e2f97ab4a5e1510c921070d065f187d8e575cd97
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66f37cf0c5c97861eb339eda128793ef1f55ca51177a04cd1275964cffb70bac
6712089206b5241b4f3d932069b02da04631a9fff325bd1cd32b078af9ca8c56
6ad76df9c076ac50826147c9c12e08a73a037cc307371d7cca249e7b3467ddb4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6cac16cf52dd483289d5ee5398fc828417e0cc977d4b7f3c46d7bef862b14c39
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
6cb1a8100e9dc98d51a7f3a1c1e56c12a95b89dd83638194431cfaca4de7ba38
710a17af69e924b49918d0eb90b55214d82d1e33b252db1b84786d39fe311303
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73fcf5092d5dbb7f06cf2ca7e0ff38522bb27cde183d53c522143f6aa4d35c4e
758bb6b7d9d7db5513a1624d7ef78b2a7b2a4686e31f4dc2a9b71bd991f1c3ca
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167
761cff5428e8aa5d947284cdaa6d9f6e9d0fe755909c364f807ee5c23ddb8dcd
76c514207316d89e510e7895fe4c9a29dd1414d1a0b6f0c49f9eff428d7c0c90
77d4e75da8de2982abd31e6c5b19305cc899254ca7d2a723c6aac6b6b0588547
77f396997acbfde731206cd52ee30127c4acfbc26a4bacc0f1c902f4455ac996
787c8227df99ebd7d0fa44445d76a2e014682de70fb01d7daa02cc445cca52b5
7c9324f9965f91e798edc284dc39c5626a367a18c69edf7715d57d3b23a41fa6
7ead3156e5fab3214954b0cf588a87206e034cdc5a556604af112f494762be64
7fea82407f6fe167b20f2d2cb8df981e502efb4006c12ade520706ee106227e4
8099c9a29e898dd787bc4b9d844cb0671b65d3d9cd919e0a694f8f40fd3968bc
810acd31b7ecd2d4620ecd26aab627950bc81a1773505ab199d0f605f4195a58
8121f0bbf1fc4164a6d49f1335b4381e466b860e8d98c4640495eccc259b266a
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8493283b5e762e599e3a65cbb5c20b3a1b3458c2a6fc49ab1f6edf5ee0f57dd4
84ac8bfd3ce05d23614cf45cee2f143da008d56720e1055abe9cf64720386eac
852cafe3bc46d907eb9f6e99e59f57414d3e1ead6a0b7d068d24c1d476313411
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
883305a308a696d24084a1eb21151efb3ad5604eb56b1774151f986a6ec2a4d8
898107a317921f1fe8f4784c2a5f9032dba634f89a2c5a31bdaa253206f19eff
8b4a7453818bcc399e0d44292cf622222068caccd7b7053b572e1cbcca0fc790
8b7d4285aaa45035e807805878f325b5bb4aecbed42be67235a3580a787cc536
8c10bfd761676feda6e280e0d31794b1a8d21279f437ddb817a708d6fe0b72db
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dec218b2d0cebdd628b430486ad41be61b9d14393faa4310816f27e7fc46703
902e5ea022732fd3b34f262c5d5856c9caed8bdd65c8bde7fb2aaf0581d7a7c7
91bfe6adcf3a1a7ed851e490ea5fcb81900e39bbe61f8a666a880b50d6051ae0
970908c3ab9f227006a8071368ceeffc62bd16defde7c5c5278b63111013eec2
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
996f6c7cb4dac528486d158a98a4dc56cd07fad4605a80495ec96c3bf7a8031c
9a3d2c0e8951e1aa01c1baa56872a429f0e3ed68f52bb3d424e6c9dd49bc5197
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9d57351aee9eb779abfc1ae494d338ca3cd0282d1a76357802e91ebbbbeb1622
9dee97292cc74b3c842dc63337e243c5e89996aabce32593be1e36d494573f0f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a13d149b709f9f6a1141e680da5605d0083b90a6b0d7355a0de49db4fa3cc116
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5531a7467f0e324959b8c056c8ada8709116598b07d560936ff787ad7d5818b
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a8981b430d4c419eb8e514265cc5f41b20c521a2b44dfc8723fcc78aa4745976
a91182f2a97241fc69a69934da44a568602ec27736abb072b0bf5b441b5286b6
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
a98eff3ad8efbc7946ea27da0be267ace3f4f54b25195a5cc14c3375ba3e8ee7
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
aacc65a0692221735bd07af251bb51ec742a1e243bb8d07b0bb698090b928dda
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
acd7b12f5d9807c033e32675074156e491334a9d8767990a56d47f4e658c87b2
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aefdb07258782fc3aa84dc518ab2052e5b1dad3405867fb1f9d65f816b03c12a
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0ea94ece6b5abc4de442f40f43afec694bd42b6817251769ea6b4fe4d81fbc8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1997dab216a1ae3a6865fed352a6e580a0b7d87963556fed51daed631f6dcdf
b1bb2242604dca14ae8be8b2abe640fc33839a6640d9a72a2ce81ba86e01501f
b2199585449c4c0ba2cfc3b66c3db62a08abed774f62bb83fc2e3b9548e77385
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b4cba32282e88c1469293386b849bcb835f661ebd52265263d57d9dfbc65d874
b67973578b0b83ccc7c06974f461b0d8ba96b0cd87cc5d3eaa5e287649d483d6
b77efdd75a2161998eef55b7ea4cb3f255b51052a47a47514f8933d00ac96576
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b819dcb40958b1ef2e74f72fa5ba96f9370c421b31ecccabf7683f24372b80a2
b9d3ed1ff23eefc1603b609c5f8175919a332e3067f587556ed59f0c535a0e5a
b9e902238705b06b640bb8fcbaf78e930e7151e73993f135070e62c06ecddd2d
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bb41091236033c7dde257a2f967d8a8fff42a6216cb640d98548016e7be4a015
bbfc849b3617cea6f53b02cdd7c9a3b2d0ea7c2bd1d44d0ad4f6c69e05500de1
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc3fa17b0c4f879f13a223996f66eb9fad7c84385b2967e3781a3680a6e6a811
bdb1067cdb531b3330ed23578dce0e27f6522e8e63b5b2b962d8f9e01903de4e
be8ac1c90f25b196f69a4199f3c5805450aadc2e11fce4f4496fa42d76a05c84
c03e3b2943f699bc681b4449f737e96566128d62402914d631a6930bfc55106d
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
ca4c8aac79ea118e54dd79e573877fd98e6ab9c97de4d04910d3e3b8a67f7a20
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cc9e7694ab9dfc6cbecb37b32dd4f6dabdea66bf8df61194d35719f2b5cd00f2
cd6386792879a0998319225cd9dbf4b59030c53321ef8a39866fc15877807c78
cdd58f9281ebc41fa9abfa923a70ae672ffb8d476e3661c023f7d3c1db0b3971
cddbdd987971b27613c0f7829a8e973a1d5d58b8c993c028aebf26841c580e0e
ce199809cce8c12d848eecc371b6d8546304e052d2009766dded8f6dc55206ad
cfa21e69bc991607e67a924a205a0e2d559fc438c712bab0ee196322c096244a
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d29c378c2d12029d2022a158ed3ea4c7fd631faffef3da186c77d1d215cd8967
d2a081fcbff0e8fd68f8b67038c324dfa967d84f5384b8599acd28df7cbe3c01
d5e9d7fa8884cc67adb6832afb642ce27fca0fd03cd331f96549e275819c221b
d726cbd0bfd16142c9a1aaed67e4a2639e60221234471be756eef1ae5ef81c39
d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29
d7d3e8aab32affcb9894c4f595fcee2eec9206e583fccd10d97cc40ce85956e1
d806fbf706d44e3f70c84eb278b8eccfbb6f746a9da03fc8e8e8807c2d788f42
d8b91f29e3aad266c0693a9e03db431f82db879055e6f0aa3102f6bc340221d5
dac9371851f39b7af532e12e3450a4f30f1d3545990a7902ca86a2d6c7bfe654
db15da32296382af4df5523c292893a2f403e7788ff761c45a675334abcf572a
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df456fb7e8bcc8b17bfd316362fbdc74d7bf38d305cc34ffdebb49cebc4726cc
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e12da6309c50c072343e9638e1754cafa221369cb8a172460dc67c40e2c79c72
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e2ffa6968df6f9efd5fd5d7243e265f2db2facd35b49fa3ebdae818820d52758
e358ad85780c17171c5f79e92e9236c7423f02aafd24ef187d0380992df2adbc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5b993a327b53083d017bfa569e0e4b9618127011e0b1bbdf330e36b8549cde0
e6480b4b6e1450a4f658ed041953379743e973dff5c0bf14d727580131de56cb
e6fde28d6f3c137293a6cbbb9d4f4d1a53d85901ebfc05759ad330bb70f44fac
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e89a9ff7ad9a1a5b728025b665eb20e7deabbd54b58263f066ab92bcd882e323
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
ea98634e2b4516f30d9e1fec06fb88732d0d7e475a5dd03a79fcf93f119cae67
eb6517c944f010ef3fa9d47b38f5523d339823651cb36d0bf66fbf0d4fed63c5
ec2fdad621bb30d4a9be0ef7759a40840c0e90fe9aa89b51248982d4662070e4
ecc725d0c3d56d6d64dabdc77c38a5935ee2bc06a58f5b4135a970659523b2c9
eccf879a4497fe87c2b9e3c95648365f457b33daba057a4b172dd4b5ba059793
ecdb8c3aacbd7e709e47d153f7e0c13dfedc5e27ac237028db0b8a4fe5cbc24b
ed0b3ec99c5214303ac40914db05ff0280bb4134c64c95ef3812f79d071e95fa
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef71f07257bf7ab1ff3b76ac3c0fa25b8686bbb26c5617c570c7528e337e48d0
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f41cba07383b199fff803ed499ebabde789484602a2ba008152a0828335e286d
f4e9389b6af83ded8a4808180236576e595f4758ce61c02f4d0b07fce20e6496
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
f766b9ebebf08bdba89b26a9f3c5386aac7a4ed18602c328ce2a38181b731944
f783f50d16dc6bea1fcd66db728853f7a864c5e4217bf90f0cd08765d1164a9d
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f7d9403b2b4f177a0bb430759af877306cc4321709c556916fe05afa4285cf02
f8345005189f7e08549ca9662018b90cd0b85de5629245a0234e40fd645de7a5
f9835893dc15ca073d36de03d3f92d7d4d195e14e0db2126831a16bc280b6adb
f9ca96b765316b7de34c63b5b7cb6e863924db9c94b93735e9ca3b305207ef8c
f9dc427bd933b43f00a6b153402c80c6edf36640e4b9f40495e1b00eb82bcaa2
fbaec7fa8ba99605d0b49338344dda248bc8adf0c2204242f42005e8fcc7252a