heho.com.tw Open in urlscan Pro
34.149.230.38 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heho.com.tw/
Effective URL:
https://heho.com.tw/
Submission: On December 03 via api (December 3rd 2023, 11:00:30 am UTC) from US — Scanned from DE

Summary HTTP 337 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 50 IPs in 10 countries across 37 domains to perform 337 HTTP transactions. The main IP is 34.149.230.38, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is heho.com.tw. The Cisco Umbrella rank of the primary domain is 666790.
TLS certificate: Issued by R3 on October 17th 2023. Valid for: 3 months.

This is the only time heho.com.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36 66	34.149.230.38 34.149.230.38	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
15	139.162.82.98 139.162.82.98	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
13	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
45	2606:4700:303... 2606:4700:3038::6815:ebd5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
2 11	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	13.32.110.123 13.32.110.123	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
4 12	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
7	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4005:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2011	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:1994	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	61.219.68.119 61.219.68.119	3462 (HINET Dat...) (HINET Data Communication Business Group)
4	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
5	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
2	20.114.189.135 20.114.189.135	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 20	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
69	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 13	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3 6	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2	18.184.108.41 18.184.108.41	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3605:e656:41e3:3e80:bff1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
3	139.162.79.137 139.162.79.137	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	119.63.198.189 119.63.198.189	38627 (BAIDUJP B...) (BAIDUJP Baidu)
3	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
337	50

66 34.149.230.38 (Kansas City, United States) 36 redirects

ASN15169 (GOOGLE, US)
PTR: 38.230.149.34.bc.googleusercontent.com

heho.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 139.162.82.98 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1562-98.members.linode.com

ml.oxra.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2606:4700:3038::6815:ebd5 (United States)

ASN13335 (CLOUDFLARENET, US)

img.heho.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.110.123 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-123.vie50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4005:802::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:1994 (United States)

ASN13335 (CLOUDFLARENET, US)

json.geoiplookup.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 61.219.68.119 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-219-68-119.hinet-ip.hinet.net

oxra.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.189.135 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

v.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:18ad (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.108.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-108-41.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:e656:41e3:3e80:bff1 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.162.79.137 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 139-162-79-137.ip.linodeusercontent.com

lifestyle.heho.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kids.heho.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

tw.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
114	heho.com.tw 36 redirects heho.com.tw — Cisco Umbrella Rank: 666790 img.heho.com.tw — Cisco Umbrella Rank: 796616 lifestyle.heho.com.tw kids.heho.com.tw	4 MB
90	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com	5 MB
33	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	602 KB
29	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	307 KB
21	oxra.com.tw ml.oxra.com.tw — Cisco Umbrella Rank: 926922 oxra.com.tw — Cisco Umbrella Rank: 816950	37 KB
18	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 docs.google.com — Cisco Umbrella Rank: 126 region1.analytics.google.com — Cisco Umbrella Rank: 2693 play.google.com — Cisco Umbrella Rank: 32	86 KB
9	popin.cc api.popin.cc — Cisco Umbrella Rank: 31958 tw.popin.cc — Cisco Umbrella Rank: 96359 log.popin.cc — Cisco Umbrella Rank: 33420 r.popin.cc — Cisco Umbrella Rank: 34110	169 KB
7	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	2 KB
7	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	46 KB
6	tribalfusion.com 3 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	3 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 v.clarity.ms — Cisco Umbrella Rank: 7267 Failed c.clarity.ms — Cisco Umbrella Rank: 1377	28 KB
5	unpkg.com unpkg.com — Cisco Umbrella Rank: 857	144 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6765	777 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	191 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	221 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	496 B
2	ctnsnet.com 2 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 6100	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	297 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	291 B
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	207 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	88 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 14517	3 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 228	757 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	389 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	463 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	601 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	758 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	587 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	24 KB
1	geoiplookup.io json.geoiplookup.io — Cisco Umbrella Rank: 47800	611 B
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 415
337	37

	Domain	Requested by
69	fonts.gstatic.com	www.google.com docs.google.com fonts.googleapis.com
66	heho.com.tw	36 redirects heho.com.tw
45	img.heho.com.tw	heho.com.tw ml.oxra.com.tw
20	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	ml.oxra.com.tw	heho.com.tw ml.oxra.com.tw
13	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net heho.com.tw
13	pagead2.googlesyndication.com	heho.com.tw pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
12	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com www.googletagmanager.com googleads.g.doubleclick.net
11	www.gstatic.com	docs.google.com www.google.com www.gstatic.com googleads.g.doubleclick.net
11	www.google.com	2 redirects heho.com.tw www.gstatic.com googleads.g.doubleclick.net www.google.com tpc.googlesyndication.com
7	www.googleadservices.com	www.googletagmanager.com heho.com.tw
7	cdnjs.cloudflare.com	heho.com.tw ml.oxra.com.tw cdnjs.cloudflare.com
6	oxra.com.tw	ml.oxra.com.tw
5	unpkg.com	ml.oxra.com.tw
4	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
4	api.popin.cc	ml.oxra.com.tw api.popin.cc
4	fonts.googleapis.com	docs.google.com googleads.g.doubleclick.net
4	www.google.de	heho.com.tw
3	log.popin.cc	heho.com.tw
3	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
3	s.tribalfusion.com	heho.com.tw googleads.g.doubleclick.net
3	a.tribalfusion.com	3 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net
3	docs.google.com	heho.com.tw www.gstatic.com
3	sb.scorecardresearch.com	1 redirects heho.com.tw
3	www.googletagmanager.com	heho.com.tw www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	kids.heho.com.tw	ml.oxra.com.tw
2	sync.teads.tv	1 redirects heho.com.tw
2	ius.ctnsnet.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	x.bidswitch.net	googleads.g.doubleclick.net
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	play.google.com	www.gstatic.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	v.clarity.ms	www.clarity.ms
2	www.clarity.ms	heho.com.tw www.clarity.ms
2	connect.facebook.net	heho.com.tw connect.facebook.net
2	images.dmca.com	heho.com.tw
2	securepubads.g.doubleclick.net	heho.com.tw securepubads.g.doubleclick.net
1	c.bing.com	1 redirects
1	r.popin.cc	heho.com.tw
1	tw.popin.cc	api.popin.cc
1	lifestyle.heho.com.tw	ml.oxra.com.tw
1	onetag-sys.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	code.jquery.com	ml.oxra.com.tw
1	json.geoiplookup.io	ml.oxra.com.tw
1	csp.withgoogle.com	heho.com.tw
337	60

This site contains links to these domains. Also see Links.

Domain
tools.heho.com.tw
pse.is
forum.heho.com.tw
npower.heho.com.tw
www.youtube.com
cancer.heho.com.tw
kids.heho.com.tw
lifestyle.heho.com.tw
myhope.com.tw
cparty.com.tw
sport.heho.com.tw
gogoal.com.tw
www.dmca.com
www.104.com.tw
heho.tw

Subject Issuer	Validity	Valid
heho.com.tw R3	`2023-10-17` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
oxra.com.tw R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
images.dmca.com R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-11` - `2023-12-10`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
geoiplookup.io GTS CA 1P5	`2023-10-30` - `2024-01-28`	3 months	crt.sh
*.popin.cc Secure Site Pro CA G2	`2023-09-27` - `2024-10-27`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://heho.com.tw/
Frame ID: 478A9ADF4E63C31BF5A00A0BF7240BE1
Requests: 134 HTTP requests in this frame

Frame: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true
Frame ID: 603E22B5BE781AEB776E6B5EB93B1F21
Requests: 78 HTTP requests in this frame

Frame: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw
Frame ID: 86F731C622FDCA57D5E894FA1720635B
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: FF8ADEEF40DF30C9B1003232779BF434
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=5043471010&adk=2909568660&adf=3004921553&pi=t.ma~as.5043471010&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222323&bpp=3&bdt=1237&idt=279&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&correlator=3496873869080&frm=20&pv=2&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=288
Frame ID: 41F6A0992BDE2432651058A59E9A72C9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1653759563&adf=1460166357&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=292&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=294
Frame ID: 03684664F2B7EA547DF8A5850BB8858F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300
Frame ID: D01A36D44A880B6033926A3FF4EC35AF
Requests: 21 HTTP requests in this frame

Frame: https://ml.oxra.com.tw/ox/mkt/ox-ra.html
Frame ID: F2EBFB322481EE2D6F1A143B8CF83712
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&adk=1812271804&adf=3025194257&lmt=1701601202&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222966&bpp=4&bdt=1879&idt=4&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120%2C1050x120&nras=1&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=60
Frame ID: 5479C3539BA1E4C9BBD6BE11F094EC28
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfH-N0mAAAAAFbl_1iN5mLWRSOGn_wdfGEDt4cE&co=aHR0cHM6Ly9oZWhvLmNvbS50dzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=t6byv9a1kpgn
Frame ID: 94D3C40DF988F0F9A06C6957CBBFEC5E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 82E584D1F776C57F789482AFA4869958
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0F63ED837C06263A6A0C3479116468D5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6AD6AFC58B215902AABCFAAF8127A3C5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FCB8B822BEE57CF11A67D5F1FB3FD4F3
Requests: 9 HTTP requests in this frame

Frame: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Frame ID: 938D64535FBA700BFA46B997DA677DA1
Requests: 1 HTTP requests in this frame

Frame: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Frame ID: 5ACA4F8779F2A814E43AAFBAB57509BA
Requests: 1 HTTP requests in this frame

Frame: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Frame ID: 9F367832250770FCDAE93BFE3AE803DB
Requests: 11 HTTP requests in this frame

Frame: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Frame ID: 5AD046E68873539F821D316403FEB366
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: F73B5C34BDC168AC1CA31531A9E4AF79
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 8924000609462D992A1C3B2B9DBC5350
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: A37E4746B2124F53C0769B2415B1BEAB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5324AAB84CCE4C067391AD5BCB48D9BF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FD11E10C04348CBF3354F3A20D29C2FD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Heho健康 - 最多人看的專業健康媒體

Page URL History Show full URLs

http://heho.com.tw/ HTTP 301
https://heho.com.tw/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

337
Requests

82 %
HTTPS

61 %
IPv6

37
Domains

60
Subdomains

50
IPs

10
Countries

11086 kB
Transfer

17367 kB
Size

42
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: https://tools.heho.com.tw/
Title: 健康小幫手

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bmi
Title: BMI 計算機 HOT

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bodyfat
Title: 體脂率計算機 HOT

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/search-hospital/index.php
Title: 找院所

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bmr
Title: BMR/TDEE 計算機 HOT

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/search-medicine.php
Title: 藥品查詢

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/search-pharmacy/index.php
Title: 找藥局

Search URL Search Domain Scan URL

URL: https://pse.is/hehoapp
Title: Heho App

Search URL Search Domain Scan URL

URL: https://forum.heho.com.tw/
Title: 討論區

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bmi/
Title: BMI 計算機

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bmr/
Title: BMR/TDEE 計算機

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bodymap
Title: 人體地圖查疾病

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bodymap/body-map-body2.php
Title: 腦部/頸部/胸部

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bodymap/body-map-body3.php
Title: 腹部

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bodymap/body-map-body4.php
Title: 泌尿/生殖系統

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bodymap/body-map-body5.php
Title: 皮膚/骨骼/肌肉

Search URL Search Domain Scan URL

URL: https://npower.heho.com.tw/
Title: 營養師說

Search URL Search Domain Scan URL

URL: https://npower.heho.com.tw/search-nutrition
Title: 營養查詢

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLXKQ6-iPJblHHaZLIpdX7MkSWxcUwcjEu

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLXKQ6-iPJblFb-_qRu-kAlhcluxNEfWRR

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLXKQ6-iPJblGOlQRC08D0fXdub7ojh3W7

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLXKQ6-iPJblGLe3SnaHbfpTaA6vt1Bg3e

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/
Title: 癌症百科

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/%E8%AA%8D%E8%AD%98%E7%99%8C%E7%97%87
Title: 認識癌症

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/archives/category/cancer_encyclopedia/prevent-cancer
Title: 預防癌症

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/archives/category/cancer_encyclopedia/%E6%B2%BB%E7%99%82%E7%99%8C%E7%97%87
Title: 治療癌症

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/archives/category/cancer_encyclopedia/research
Title: 抗癌新知

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/archives/category/cancer_encyclopedia/experience-sharing
Title: 抗癌故事

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/archives/category/cancer_encyclopedia/rehabilitation-conditioning
Title: 康復調理

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/archives/category/cancer_encyclopedia/resource
Title: 協助資源

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/archives/category/cancer_encyclopedia/%e8%aa%8d%e8%ad%98%e7%99%8c%e7%97%87

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/archives/category/cancer_encyclopedia/%e6%b2%bb%e7%99%82%e7%99%8c%e7%97%87

Search URL Search Domain Scan URL

URL: https://npower.heho.com.tw/?utm_source=heho-menu
Title: 營養 N 次方營養/生活/美學

Search URL Search Domain Scan URL

URL: https://kids.heho.com.tw/?utm_source=heho-menu
Title: Heho 親子懷孕/育兒/教養

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/?utm_source=heho-menu
Title: Heho 癌症症狀/治療/預防

Search URL Search Domain Scan URL

URL: https://lifestyle.heho.com.tw/?utm_source=heho-menu
Title: Heho 生活品味/美食/旅行

Search URL Search Domain Scan URL

URL: https://myhope.com.tw/?utm_source=heho-menu
Title: 希望商城健康/用心/選物

Search URL Search Domain Scan URL

URL: https://cparty.com.tw/?utm_source=heho-menu
Title: CParty 餐酒文化/餐飲

Search URL Search Domain Scan URL

URL: https://sport.heho.com.tw/
Title: Heho Sports 運動知識/運動營養

Search URL Search Domain Scan URL

URL: https://gogoal.com.tw/?utm_source=heho-menu
Title: GoGoal 勁球網國內/國際足球

Search URL Search Domain Scan URL

URL: https://kids.heho.com.tw/

Search URL Search Domain Scan URL

URL: https://lifestyle.heho.com.tw/

Search URL Search Domain Scan URL

URL: https://gogoal.com.tw/

Search URL Search Domain Scan URL

URL: https://cparty.com.tw/

Search URL Search Domain Scan URL

URL: https://myhope.com.tw/

Search URL Search Domain Scan URL

URL: https://npower.heho.com.tw/nutrition-course?utm_source=floating&utm_medium=heho

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=92f4d6c1-aaf5-4037-9b43-72143adcf46e&refurl=https://heho.com.tw/

Search URL Search Domain Scan URL

URL: https://www.104.com.tw/company/1a2x6bl1fx
Title: 徵才資訊

Search URL Search Domain Scan URL

URL: https://heho.tw/QFIBRN9h4C?pub=428

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heho.com.tw/ HTTP 301
https://heho.com.tw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png

Request Chain 22

https://heho.com.tw/wp-content/uploads/2023/06/1685591982.4705.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/06/1685591982.4705.png

Request Chain 25

https://heho.com.tw/wp-content/uploads/2021/06/1623040116.8368.svg HTTP 301
https://img.heho.com.tw/wp-content/uploads/2021/06/1623040116.8368.svg

Request Chain 26

https://heho.com.tw/wp-content/uploads/2021/06/1623040942.0376.svg HTTP 301
https://img.heho.com.tw/wp-content/uploads/2021/06/1623040942.0376.svg

Request Chain 27

https://heho.com.tw/wp-content/uploads/2021/06/1623040116.3431.svg HTTP 301
https://img.heho.com.tw/wp-content/uploads/2021/06/1623040116.3431.svg

Request Chain 28

https://heho.com.tw/wp-content/uploads/2021/06/1623040117.0803.svg HTTP 301
https://img.heho.com.tw/wp-content/uploads/2021/06/1623040117.0803.svg

Request Chain 46

https://sb.scorecardresearch.com/cs/36287102/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 50

https://heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png

Request Chain 59

https://heho.com.tw/wp-content/uploads/2022/06/1654582763.9763.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2022/06/1654582763.9763.png

Request Chain 60

https://heho.com.tw/wp-content/uploads/2023/05/1685341005.7905.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685341005.7905.png

Request Chain 61

https://heho.com.tw/wp-content/uploads/2023/05/1685341002.6315.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685341002.6315.png

Request Chain 62

https://heho.com.tw/wp-content/uploads/2023/05/1685340999.4319.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685340999.4319.png

Request Chain 63

https://heho.com.tw/wp-content/uploads/2023/05/1685084067.1705.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084067.1705.png

Request Chain 64

https://heho.com.tw/wp-content/uploads/2023/05/1685084061.4838.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084061.4838.png

Request Chain 65

https://heho.com.tw/wp-content/uploads/2023/05/1685084260.4331.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084260.4331.png

Request Chain 66

https://heho.com.tw/wp-content/uploads/2023/05/1685084258.0287.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084258.0287.png

Request Chain 67

https://heho.com.tw/wp-content/uploads/2023/05/1685084064.6124.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084064.6124.png

Request Chain 68

https://heho.com.tw/wp-content/uploads/2023/05/1685084058.5936.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084058.5936.png

Request Chain 69

https://heho.com.tw/wp-content/uploads/2023/04/1689755246.8803.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/04/1689755246.8803.png

Request Chain 70

https://heho.com.tw/wp-content/uploads/2023/05/1685083759.3921.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685083759.3921.png

Request Chain 73

https://heho.com.tw/wp-content/uploads/2021/01/1611030364.7282.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2021/01/1611030364.7282.png

Request Chain 104

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/338904101/?random=1606486545&cv=11&fst=1701601222482&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&label=pdjACIy7g7cDEKWIzaEB&hn=www.googleadservices.com&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&did=dZTNiMT&gdid=dZTNiMT&auid=511695047.1701601222&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=xl9sZb-vJtbOgAfRx7EY&sscte=1&crd=&pscrd=EkxDaEFJZ091d3F3WVFyYlhYdXI3VHg3SWdFaVVBNnlyeEZaZ21Xdnlhc2tVeTdrVUY5U0w5a3ZXb0VIV1FXbWd1LWp4NUdMdmh1UnFyGldDaEFJZ091d3F3WVFnTnlNNGVUcHpLcFZFaTBBMUNWU2lwNTYzOTdGeWpFNlZZam82OThYVlpLbzF0Ry1MTVBkTlBPYmpSUUlhRzR2Y2JPeXE4SHhzT0kiEwi_qrLDjvOCAxVWJ-AKHdFjDAM HTTP 302
https://www.google.com/pagead/1p-conversion/338904101/?random=1606486545&cv=11&fst=1701601222482&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&label=pdjACIy7g7cDEKWIzaEB&hn=www.googleadservices.com&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&did=dZTNiMT&gdid=dZTNiMT&auid=511695047.1701601222&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ091d3F3WVFyYlhYdXI3VHg3SWdFaVVBNnlyeEZaZ21Xdnlhc2tVeTdrVUY5U0w5a3ZXb0VIV1FXbWd1LWp4NUdMdmh1UnFyGldDaEFJZ091d3F3WVFnTnlNNGVUcHpLcFZFaTBBMUNWU2lwNTYzOTdGeWpFNlZZam82OThYVlpLbzF0Ry1MTVBkTlBPYmpSUUlhRzR2Y2JPeXE4SHhzT0kiEwi_qrLDjvOCAxVWJ-AKHdFjDAM&is_vtc=1&ocp_id=xl9sZb-vJtbOgAfRx7EY&cid=CAQSKQDICaaN7vpXEYmBvP9Wl2-rBW8ANOamlMyRMrJLmpE8BHVz8VkgBMqn&random=3113077392 HTTP 302
https://www.google.de/pagead/1p-conversion/338904101/?random=1606486545&cv=11&fst=1701601222482&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&label=pdjACIy7g7cDEKWIzaEB&hn=www.googleadservices.com&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&did=dZTNiMT&gdid=dZTNiMT&auid=511695047.1701601222&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ091d3F3WVFyYlhYdXI3VHg3SWdFaVVBNnlyeEZaZ21Xdnlhc2tVeTdrVUY5U0w5a3ZXb0VIV1FXbWd1LWp4NUdMdmh1UnFyGldDaEFJZ091d3F3WVFnTnlNNGVUcHpLcFZFaTBBMUNWU2lwNTYzOTdGeWpFNlZZam82OThYVlpLbzF0Ry1MTVBkTlBPYmpSUUlhRzR2Y2JPeXE4SHhzT0kiEwi_qrLDjvOCAxVWJ-AKHdFjDAM&is_vtc=1&ocp_id=xl9sZb-vJtbOgAfRx7EY&cid=CAQSKQDICaaN7vpXEYmBvP9Wl2-rBW8ANOamlMyRMrJLmpE8BHVz8VkgBMqn&random=3113077392&ipr=y&ezwbk=AZuM4hCy1oKt2luOekCwci-zrkt3DOCuEje0TOu4G_Zeck8lwszxmcim3DxuRgrpjbd1Maj2LxeYB87qmphqOCy1A6Cj

Request Chain 123

https://heho.com.tw/wp-content/uploads/2022/11/1669685415.0137.gif HTTP 301
https://img.heho.com.tw/wp-content/uploads/2022/11/1669685415.0137.gif

Request Chain 130

https://heho.com.tw/wp-content/uploads/2019/08/0815-%E6%84%9F%E5%86%92_%E6%B5%81%E6%84%9F_%E8%97%A5%E7%89%A9.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2019/08/0815-%e6%84%9f%e5%86%92_%e6%b5%81%e6%84%9f_%e8%97%a5%e7%89%a9.png

Request Chain 131

https://heho.com.tw/wp-content/uploads/2021/09/1632648310.439.jpg HTTP 301
https://img.heho.com.tw/wp-content/uploads/2021/09/1632648310.439.jpg

Request Chain 132

https://heho.com.tw/wp-content/uploads/2020/09/861a14b42c64370b7f69d638738eb289.jpg HTTP 301
https://img.heho.com.tw/wp-content/uploads/2020/09/861a14b42c64370b7f69d638738eb289.jpg

Request Chain 133

https://heho.com.tw/wp-content/uploads/2019/08/190805-%E4%B8%AD%E8%97%A5%E8%8C%B6.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2019/08/190805-%e4%b8%ad%e8%97%a5%e8%8c%b6.png

Request Chain 134

https://heho.com.tw/wp-content/uploads/2023/12/1701422916.4307.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/12/1701422916.4307.png

Request Chain 135

https://heho.com.tw/wp-content/uploads/2023/10/1697531486.0167.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/10/1697531486.0167.png

Request Chain 136

https://heho.com.tw/wp-content/uploads/2023/06/1688032217.0993.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/06/1688032217.0993.png

Request Chain 163

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENqBvHCDg3cbWuhH60Uo04E&google_cver=1&google_push=AXcoOmSB4fM3RY_xqYTcDtnKzMUvYV6SBJl66ys1QkdK2OnOyE7u1CWQOXNkDxQlPQonlLmkw3bs-iM15eXyQPjQznGJW9GF5qfbIZx1Yj4Q-9dEV3qzGu_cxBVZbVSsFzlJzoQBzd2HpnDQfZ1V6NxMaAD9KQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODQ2NzkyODg4MDg5MjE2Nzg1OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENUh5uYGR0WK_NdccoX2zFM&google_cver=1

Request Chain 165

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMu32Gpl-npUHDMTmwD3L90&google_cver=1&google_push=AXcoOmQkJAp1V_mTouJzZ9q70jntNBzLe83qj7lursThsPC0jpL3LVzauHMX6JD_SoEutUobvEgLqCwWC8FWKaUBYT8RYH75eBJjzgPQQ_E-UDARuaxCvxC3ZJIkgomy9KNyFiKDy6T5n4NVvGiv36avOKwS9HI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQkJAp1V_mTouJzZ9q70jntNBzLe83qj7lursThsPC0jpL3LVzauHMX6JD_SoEutUobvEgLqCwWC8FWKaUBYT8RYH75eBJjzgPQQ_E-UDARuaxCvxC3ZJIkgomy9KNyFiKDy6T5n4NVvGiv36avOKwS9HI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMu32Gpl-npUHDMTmwD3L90&google_cver=1&google_push=AXcoOmQkJAp1V_mTouJzZ9q70jntNBzLe83qj7lursThsPC0jpL3LVzauHMX6JD_SoEutUobvEgLqCwWC8FWKaUBYT8RYH75eBJjzgPQQ_E-UDARuaxCvxC3ZJIkgomy9KNyFiKDy6T5n4NVvGiv36avOKwS9HI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQkJAp1V_mTouJzZ9q70jntNBzLe83qj7lursThsPC0jpL3LVzauHMX6JD_SoEutUobvEgLqCwWC8FWKaUBYT8RYH75eBJjzgPQQ_E-UDARuaxCvxC3ZJIkgomy9KNyFiKDy6T5n4NVvGiv36avOKwS9HI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 166

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENZifkp4VtxF-i6RgzQn0Nc&google_cver=1&google_push=AXcoOmSOs8i2PyP88mp8nULTz7ontZ8wBDNHSlEYKYVl1GxDRwd7X3VVL7FDb0vhM1vI-s-HLF5iTi-s8WZ6_xye9ro7o8hcxxIB0pTohw6XhgmgTSK3oj5aXp_qs1uTqcGQMbptKIvhJxqBFE_Q5tLKD0VrPGk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENZifkp4VtxF-i6RgzQn0Nc&google_push=AXcoOmSOs8i2PyP88mp8nULTz7ontZ8wBDNHSlEYKYVl1GxDRwd7X3VVL7FDb0vhM1vI-s-HLF5iTi-s8WZ6_xye9ro7o8hcxxIB0pTohw6XhgmgTSK3oj5aXp_qs1uTqcGQMbptKIvhJxqBFE_Q5tLKD0VrPGk

Request Chain 167

https://um.simpli.fi/gp_match?google_gid=CAESEBpw-PTQ2H_hfjrlFrctDaY&google_cver=1&google_push=AXcoOmSmzWJmullx_oDkjopbIR3KWm3p8T-ZnIsRaMwXj4gwrA3oLdweEGavusj6LjFjhVXIRJXaMwVLDnjY4kajXY_CwLjoICnXcvYU_dUfuNsLlpZyJ5mJ3YjNw7tymMEff-KAh1Rq8qTjxf93doOEhSY4LLc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=46C41117691F4D168A58B311D7045365&google_push=AXcoOmSmzWJmullx_oDkjopbIR3KWm3p8T-ZnIsRaMwXj4gwrA3oLdweEGavusj6LjFjhVXIRJXaMwVLDnjY4kajXY_CwLjoICnXcvYU_dUfuNsLlpZyJ5mJ3YjNw7tymMEff-KAh1Rq8qTjxf93doOEhSY4LLc

Request Chain 168

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHE40jI696wUbh5rIKetpXE&google_cver=1&google_push=AXcoOmQM0x92Z3PToUnAiFws6GnFP8JAj0KrVtJMNf_QmJ3QD-eLvqVtZzvAKw7beLSHJlwaLhZWeIPAnHTwpsiAUS2M7eGOUvOFC_sGZTZujNRqAwJHnzcMSh_F9qAvttx6ubACFt1kYJTNELi9PHWRZBTunq4 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Mg67TMZiTVIQOylj6Y-TdQ&google_push=AXcoOmQM0x92Z3PToUnAiFws6GnFP8JAj0KrVtJMNf_QmJ3QD-eLvqVtZzvAKw7beLSHJlwaLhZWeIPAnHTwpsiAUS2M7eGOUvOFC_sGZTZujNRqAwJHnzcMSh_F9qAvttx6ubACFt1kYJTNELi9PHWRZBTunq4

Request Chain 181

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 203

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODgyeLVIBCwCBiwCDIIOb8Ght5mQhk HTTP 301
https://tpc.googlesyndication.com/simgad/7867982516943128514

Request Chain 209

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJJy7UgjSRyjT8uF_Y5rV0A&google_cver=1&google_push=AXcoOmSat4KG2cZSwN0Mi9sTlY9Dw0b5W6pJ100t41J3kDmFRHkcdfD4b6uoS-PXobKuG-EfnOTKCxKQ2qazcNZKtJfa9GqJxSD649OPslzzQ1AeFC3ou5p9ZyQhK200_nSNGRXIolyOuP_sM66fGt8zTkJSdBw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSat4KG2cZSwN0Mi9sTlY9Dw0b5W6pJ100t41J3kDmFRHkcdfD4b6uoS-PXobKuG-EfnOTKCxKQ2qazcNZKtJfa9GqJxSD649OPslzzQ1AeFC3ou5p9ZyQhK200_nSNGRXIolyOuP_sM66fGt8zTkJSdBw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJJy7UgjSRyjT8uF_Y5rV0A&google_cver=1&google_push=AXcoOmSat4KG2cZSwN0Mi9sTlY9Dw0b5W6pJ100t41J3kDmFRHkcdfD4b6uoS-PXobKuG-EfnOTKCxKQ2qazcNZKtJfa9GqJxSD649OPslzzQ1AeFC3ou5p9ZyQhK200_nSNGRXIolyOuP_sM66fGt8zTkJSdBw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSat4KG2cZSwN0Mi9sTlY9Dw0b5W6pJ100t41J3kDmFRHkcdfD4b6uoS-PXobKuG-EfnOTKCxKQ2qazcNZKtJfa9GqJxSD649OPslzzQ1AeFC3ou5p9ZyQhK200_nSNGRXIolyOuP_sM66fGt8zTkJSdBw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 211

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOQ6sUvJKUAoyX7c6U78FLI&google_cver=1&google_push=AXcoOmRTR5T3JKXpDi0NZFhQAuS8R8MTLOgN9Pow7zFQxmtVvIB0QS6SwVYV8nISQzO2wCvRTTfLTrBfaRYBDxW72q47jywIAdYeLMWTgbVslHTuhHEmgceJ9ICg0djN1CDfE8zmwk5iJ2j_mhWevkmvWO0sig HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRTR5T3JKXpDi0NZFhQAuS8R8MTLOgN9Pow7zFQxmtVvIB0QS6SwVYV8nISQzO2wCvRTTfLTrBfaRYBDxW72q47jywIAdYeLMWTgbVslHTuhHEmgceJ9ICg0djN1CDfE8zmwk5iJ2j_mhWevkmvWO0sig&google_hm=eS0wclpReUFSRTJwR0kybHBMZFh3ZjdUNTBNcnV3NlNwX35B

Request Chain 213

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEK46G6bOke0NObq4cnxbd4g&google_cver=1&google_push=AXcoOmTmHSGrzS6KGps6NybPnZNZ3-V6Q5xtoGTmMD26f-901uaW3uuqtWD_7RjjA0cl6ybAWMaAjhDnuxY8KwB9aQyApEwitRfNLIu6cTYwFRMZPnZK5EmYeACZc21MCmSL3xcvpavch-TIhNLGmF3bZIaNV4V5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTmHSGrzS6KGps6NybPnZNZ3-V6Q5xtoGTmMD26f-901uaW3uuqtWD_7RjjA0cl6ybAWMaAjhDnuxY8KwB9aQyApEwitRfNLIu6cTYwFRMZPnZK5EmYeACZc21MCmSL3xcvpavch-TIhNLGmF3bZIaNV4V5&google_hm=aUnVhLs_SE6He1KYesmE__c

Request Chain 214

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGOcxvDz2HtQtXurbDAdUHg&google_cver=1&google_push=AXcoOmQQa-96HEbXdrkLwZAIjP6Ji11svJE01LITa1SjPx13zHZoiHJ5FDHBoroNz7xGRbrWHAY2wG2Li95q6kNYB_nP2HAOIEVay94rMX3oXYdgOi4cb6IM9_OeBihVP1NkIshNqaE7AXODQtAvKDH36m2KpvHF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQQa-96HEbXdrkLwZAIjP6Ji11svJE01LITa1SjPx13zHZoiHJ5FDHBoroNz7xGRbrWHAY2wG2Li95q6kNYB_nP2HAOIEVay94rMX3oXYdgOi4cb6IM9_OeBihVP1NkIshNqaE7AXODQtAvKDH36m2KpvHF HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 217

https://a.tribalfusion.com/i.match?p=b6&u=CAESEB4U5Gq73QQ-xdlmLB3xQ9U&google_cver=1&google_push=AXcoOmQx_bQJ0N4ys02oeM47XyNgyku9V_QIl7ce7pBcCTkmI_IBalfYn-RS8HChBsKoPa0Dm5tbeMfbdawrC6v28Pl_bGYOjFxyvKry&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQx_bQJ0N4ys02oeM47XyNgyku9V_QIl7ce7pBcCTkmI_IBalfYn-RS8HChBsKoPa0Dm5tbeMfbdawrC6v28Pl_bGYOjFxyvKry%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB4U5Gq73QQ-xdlmLB3xQ9U&google_cver=1&google_push=AXcoOmQx_bQJ0N4ys02oeM47XyNgyku9V_QIl7ce7pBcCTkmI_IBalfYn-RS8HChBsKoPa0Dm5tbeMfbdawrC6v28Pl_bGYOjFxyvKry&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQx_bQJ0N4ys02oeM47XyNgyku9V_QIl7ce7pBcCTkmI_IBalfYn-RS8HChBsKoPa0Dm5tbeMfbdawrC6v28Pl_bGYOjFxyvKry%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 220

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBsoIuMn_GTh25ErAKbK81g&google_cver=1&google_push=AXcoOmSNONYAyJr4BgaWJ2IAp5ibpKoeNfXJljAC4wSDTNo1kRcQSb7P_9cTsy_vjo4t8DuGm5toyvlHORe4-bw2SMDbtJWx0wVGV0Xf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSNONYAyJr4BgaWJ2IAp5ibpKoeNfXJljAC4wSDTNo1kRcQSb7P_9cTsy_vjo4t8DuGm5toyvlHORe4-bw2SMDbtJWx0wVGV0Xf&google_hm=eS1jVGVhYXU1RTJwRkdYcmlxcFFITEdvZGxDSktlQkRWMH5B

Request Chain 221

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDkmFgvaTXqZ3AlmTO6PGIA&google_cver=1&google_push=AXcoOmSJcRBourEMzAF-RJzmBv1H9e7vy0Bfu5o1mNpgmHQ3lLEa6aHYeAyZQ2SOH8eimhGrK9WRF4h0LZe3ycWVXVXatvrOwJijjy5F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSJcRBourEMzAF-RJzmBv1H9e7vy0Bfu5o1mNpgmHQ3lLEa6aHYeAyZQ2SOH8eimhGrK9WRF4h0LZe3ycWVXVXatvrOwJijjy5F

Request Chain 222

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEIWFH90EoppWjFAqOWj2NDM&google_cver=1&google_push=AXcoOmTQuRWLZX4zxYzN3e-UCm-nqlvvJ22Oy8XzHGi9_37pqLLtUqhmzG-DwfITSMrtfkmum-OfZVEaSexXubGxM3PXvsWM7fzctnqojQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTQuRWLZX4zxYzN3e-UCm-nqlvvJ22Oy8XzHGi9_37pqLLtUqhmzG-DwfITSMrtfkmum-OfZVEaSexXubGxM3PXvsWM7fzctnqojQ&google_hm=n0a24CcgQCWJGlNWZmHsE_c

Request Chain 227

https://googleads.g.doubleclick.net/pagead/adview?ai=CCqT-xl9sZcqPLcW05LcP89urqAL-saXtcp_H-_ucEmQQASCil8tqYJX68IGMB6ABi9SnlQLIAQOpAocWcjmKQrI-qAMByAPJBKoEigJP0LvOKh_IguDpfbDtOualIOVMI0jDHTPDqO0Nl4jaFyxwUkiB0OBm97q2UsWe5JZeVxqZJ-kU2r9OLwIPtlDZO75MK3FEuBwsxlpiJNhxSZkuRHi31NJmVKCf3WUstpQ9_aG_SaAadiQltLjb_BK0ro286T6bQOkdtzHopL0VO4kX6LqUJ8WclkiIU90OjKxGOK20fJYcML2MYf9z-R8_vh4sTkJF7KO0U0Qr4zpBbFRgN-ini3XxviqMnIQQigSiWFpFcm0GdAR-sL_Iksdpjy7jwW0voFlZ8VUxEjRBZ8G7k8G7x0HJcOzrrfG2p06wvhVUzWv23SqsAmwmZXcQyF_q6aWoz0jZY8AE-KXJurwEiAWT7N69TJIFBAgEGAGSBQQIBRgEoAYDgAfdq9jqAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKOYCtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYpNy0w47zggOaCRVodHRwOi8vd3d3LnRyaXNvci5kZS-ACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2BMN0BUBmBYBgBcBshccChoIABIUcHViLTU2OTM4MDcxNDkwNTU4MjUYAA&sigh=1WwpkYQN014&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNWf6-6NFPPYOezdWHI_J3EFM8_ntRXGiaQkz7cDhN52_O7XxHylWMPiZ4leRR_4e1lylflZcaGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222638695425718370240%22,%22debug_reporting%22:true,%22destination%22:%22https://trisor.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581560843%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227116936791979920753%22}&andc=true

Request Chain 232

https://googleads.g.doubleclick.net/pagead/adview?ai=CEk7qxl9sZZvJLPKy5LcPrqmX6ASywMPIdMPZjYiLEp7r56vsQBABIKKXy2pglfrwgYwHoAGEpezhAsgBCakChxZyOYpCsj6oAwHIA8uEgIAEqgT3AU_QSmbkhncK-os4P2WJJzotf95Byr21JOTSlfKxbboDzFGO6lzlnLqaVYE67JoQqjKgxyMCqRyJLCDPrJzrdpE1_EG4TcF-fsCxSAprS_fJ_s2mCmUJsxyDALWNYKQDrjnWvJljrh5laJU4yZcBN-KbNvqik7N2oUFjE9LL5FIiXaXqxzzwutceqcpEmSEZJcUeihJvzKDYB5VLrT-UsKxQmMf7yDxqB0sJST8bstH6_im6vf_3TiCGezAPD5etilcfS-jHxcsGEWSrsiijD_0PPmNofQ7RMXG60BkRCr2Vplw19vgKpcpzB7Srwlkj5dLiH7GSQbHABLnFmv3KBIgF6f7wgE2SBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHzOf2pAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBD1gUvSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIOZtMOO84IDmgkdaHR0cHM6Ly93d3cudHJhdmVscGVyay5jb20vZGWACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxArgT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItNTY5MzgwNzE0OTA1NTgyNRgA&sigh=fE9AIunOyTY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNfxvUwR6HEMPUF76a3TN5rFzPIQfONvFmb7xY9QvM4X3-T4ObaVtqU7g6I6JnNPTUFEj-MG056xgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210840842784210382075%22,%22debug_reporting%22:true,%22destination%22:%22https://travelperk.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22742068868%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214059720795433692913%22}&andc=true

Request Chain 237

https://heho.com.tw/wp-content/uploads/2023/11/1699839115.979.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/11/1699839115.979.png

Request Chain 248

https://heho.com.tw/wp-content/uploads/2022/11/1669174013.0565.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2022/11/1669174013.0565.png

Request Chain 249

https://heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png

Request Chain 251

https://heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png

Request Chain 257

https://heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png

Request Chain 259

https://heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png

Request Chain 260

https://heho.com.tw/wp-content/uploads/2022/11/1669174009.0122.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2022/11/1669174009.0122.png

Request Chain 261

https://googleads.g.doubleclick.net/pagead/adview?ai=CJbpOxl9sZYrJLcyR5LcP8faYkAuowYrNdPOAue2uEtzo3P-pQRABIKKXy2pglfrwgYwHoAHor-yIA8gBCakChxZyOYpCsj6oAwHIA8sEqgT4AU_QM9kBRYnq5e9ik3mF_TSUoh2AOeME1DjpQ87x6kmtLLF_2qJoATIP2YUNtxUFzrVCxRekoP9jD5M6QKauQDOCBMEiql_IjvKpzmgSodsalCGrG2mFa9y47ZzQeoReUhiW-QIDINWFmbOsykYabLttyAkP68v3_L12B0r6a0gOHZzDuUYGAuY4LYgmDPPPPb9wMUsy3SVOKHfUBekknw_H2g3R1NCZkFNgeSXx6QZM68GUyPgNl-4ac-VV-L3yPoZSBcPJ2Td1R5yxwVOITxO2ExCB2IYhMRp64oiOhJcLlsxC_i0uxJLjFq91Dw26htv0mDWzXe4ZwATKzveLxgSIBd3ls55NkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4DQk3eoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQr6oF0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlidk7XDjvOCA5oJHWh0dHBzOi8vd3d3Lm5lYnVsdXMuYml6L2RlL2RlgAoByAsBogwUKhIKEOS0sQLutbECtbixAqy6sQLYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItNTY5MzgwNzE0OTA1NTgyNRgA&sigh=-A6P1oPRWP4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNF_vTXUcdxanpo8WmLqM3c2egg2wj70Qq6o0tr5-vLb5GbiSo-FdKvDjtHm8EEh6_TBvS-2d_pBgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226754542279783298576%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224226312878816399345%22}&andc=true

Request Chain 337

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F9DA249CC0A64275A2A7E8DA3F9E793C&RedC=c.clarity.ms&MXFR=29533C461DC5662F3B572F9A19C568A3 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F9DA249CC0A64275A2A7E8DA3F9E793C&MUID=0272134714F6601E2FB2009B159D6181

337 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
heho.com.tw/
Redirect Chain

http://heho.com.tw/
https://heho.com.tw/

423 KB
61 KB

375ms
312ms

Document
text/html

34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 35bbc7f2906050ec0d11b2fce351bd780046963e8d06fa3b3a396d7fd8c0076c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 11:00:20 GMT
expires: Mon, 29 Oct 1923 20:30:00 GMT
last-modified: Sun, 03 Dec 2023 11:00:02 GMT
pragma: no-cache
server: Apache/2.4.41 (Ubuntu)
vary: User-Agent,Accept-Encoding
via: 1.1 google

Redirect headers

Cache-Control: private
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 03 Dec 2023 11:00:20 GMT
Location: https://heho.com.tw:443/

GET
H2 200 flatsome.js
heho.com.tw/wp-content/themes/flatsome/assets/js/ 0
16 KB 349ms
348ms Other
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/assets/js/flatsome.js?ver=be4456ec53c49e21f6f3
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16738
expires: max-age=2592000, public

GET
H2 200 chunk.slider.js
heho.com.tw/wp-content/themes/flatsome/assets/js/ 0
13 KB 371ms
370ms Other
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.18.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13382
expires: max-age=2592000, public

GET
H3 200 chunk.popups.js
heho.com.tw/wp-content/themes/flatsome/assets/js/ 0
7 KB 505ms
503ms Other
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/assets/js/chunk.popups.js?ver=3.18.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7220
expires: max-age=2592000, public

GET
H3 200 chunk.tooltips.js
heho.com.tw/wp-content/themes/flatsome/assets/js/ 0
10 KB 468ms
466ms Other
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.18.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10106
expires: max-age=2592000, public

GET
H2 200 styles.css
heho.com.tw/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 337ms
335ms Stylesheet
text/css 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.4
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 30 Nov 2023 06:21:51 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1015
expires: max-age=2592000, public

GET
H2 200 front.min.css
heho.com.tw/wp-content/plugins/image-sizes/assets/css/ 126 B
247 B 327ms
325ms Stylesheet
text/css 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/plugins/image-sizes/assets/css/front.min.css?ver=4.1
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: bc3fa17b0c4f879f13a223996f66eb9fad7c84385b2967e3781a3680a6e6a811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 17 Aug 2023 06:06:30 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
expires: max-age=2592000, public

GET
H2 200 style.css
heho.com.tw/wp-content/uploads/maxmegamenu/ 137 KB
11 KB 342ms
340ms Stylesheet
text/css 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/uploads/maxmegamenu/style.css?ver=efd62a
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 60f4bc6d7145eac78eacce4c985befa2f47a66af0fc33f5e5f99f43cc2c080f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 May 2023 07:25:45 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11518
expires: max-age=2592000, public

GET
H2 200 dashicons.min.css
heho.com.tw/wp-includes/css/ 58 KB
35 KB 375ms
373ms Stylesheet
text/css 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-includes/css/dashicons.min.css?ver=6.3.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 10 Jun 2021 23:13:18 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35730
expires: max-age=2592000, public

GET
H2 200 jquery.auto-complete.css
cdnjs.cloudflare.com/ajax/libs/jquery-autocomplete/1.0.7/ 653 B
913 B 104ms
39ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-autocomplete/1.0.7/jquery.auto-complete.css?ver=1.0.7

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d7fab9e736b5a64ab2fd063444bc8737b54f6e0a559c2a6a04149d952a75017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 207496
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 252
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-28d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOO4A7nS9DhUBmip42qj8paAsJxbMpI90emnyuz7eQbcRBvtE%2FMXjg6MANnUwgEGrmvBetz2Jf8KMWo4%2BYfiGVOSCDhWpiBjcYgmYyKu9U392BSmJDFKYlVhzBtOy9m8uNkXuXCpExtsxCmhUTTL2K65"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82fb4e308f4fbf6f-WAW
expires: Fri, 22 Nov 2024 11:00:21 GMT

GET
H2 200 flatsome.css
heho.com.tw/wp-content/themes/flatsome/assets/css/ 148 KB
30 KB 368ms
366ms Stylesheet
text/css 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.18.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 47f1d0dc5c8ad11e9fcc9fb81023552a39854dfe3a8f67609b8ea44c1685c3db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30142
expires: max-age=2592000, public

GET
H2 200 style.css
heho.com.tw/wp-content/themes/flatsome-child/ 18 KB
5 KB 348ms
347ms Stylesheet
text/css 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome-child/style.css?ver=3.17.3
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 308bd8594b227122898d10838a3b719f545cd4ba4f02a408fc0b7ff43f17ca30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 28 Nov 2023 01:56:55 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4947
expires: max-age=2592000, public

GET
H2 200 jquery.min.js Show response
heho.com.tw/wp-includes/js/jquery/ 85 KB
30 KB 362ms
361ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 16 Oct 2023 00:47:08 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30343
expires: max-age=2592000, public

GET
H2 200 jquery-migrate.min.js Show response
heho.com.tw/wp-includes/js/jquery/ 13 KB
5 KB 365ms
364ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 16 Oct 2023 00:47:08 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4872
expires: max-age=2592000, public

GET
H2 200 seo-automated-link-building.js Show response
heho.com.tw/wp-content/plugins/seo-automated-link-building/js/ 493 B
382 B 376ms
375ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/plugins/seo-automated-link-building/js/seo-automated-link-building.js?ver=6.3.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3a8566c410bdc9c4b1a222d4e198c179255893accb662ed34ac308c39fc01bac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 29 Jun 2023 02:46:27 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 291
expires: max-age=2592000, public

GET
H2 200 inputtitle_submit.js Show response
heho.com.tw/wp-content/themes/flatsome/js/ 649 B
427 B 360ms
360ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/js/inputtitle_submit.js?ver=6.3.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 48d68ba83268a7d5262f2af34a516346aa970e5212d9605664c6dc390bfed129

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 28 Dec 2020 08:13:27 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 345
expires: max-age=2592000, public

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 249ms
90ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-105027460-1

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

797dd891b6f03158206e00fa2386d8f75437b7dcf734c1e9cd4874305c2e3d9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51648
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 11:00:22 GMT

GET
H2 200 heho-mkt-global.js Show response
ml.oxra.com.tw/ox/mkt/js/ 33 KB
7 KB 826ms
269ms Script
application/javascript 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f16700a582fbcb0a4dce154cb5fab6fd32ed12a495c7e2678be5d0ad93e282c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:24:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"654467e4-83b8"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 heho-infinite-sdk-heho.js Show response
ml.oxra.com.tw/ox/mkt/js/ 43 KB
7 KB 1093ms
536ms Script
application/javascript 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ox/mkt/js/heho-infinite-sdk-heho.js
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5bd95d97908d15bffb7bee4ac7fafc2b7c19de43cb27447eb8ea21fd72d476b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 02:56:32 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"65446160-ad31"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 sticky-kit.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sticky-kit/1.1.3/ 3 KB
2 KB 105ms
40ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sticky-kit/1.1.3/sticky-kit.min.js

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

738465a35668cea4cf13644bbaf6eeb18dfe494d6941a242d138ee87280c8a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2711922
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1245
last-modified: Mon, 04 May 2020 16:16:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fdc-cd3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVssYFju1dOIhlRGPahD1%2BiI8EHD6wqNvrE%2BX3XOvaKCfUyRcPmo%2F8BezRT69GNLuLuOrWiiYdrtoOZ%2BjUxU9fpvTwynIU4sxTqeKG%2FP6DJKbEEIuPxZoYTo7PRuZCZD2dqxBL8YJlb3YEFuYnvWAHbu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82fb4e308f51bf6f-WAW
expires: Fri, 22 Nov 2024 11:00:21 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 338ms
173ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc4624041972901a92c9227733fc7679e8e6a4ccab765f9d06e75fd6c621d9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52776
x-xss-protection: 0
server: cafe
etag: 4779489995153878335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 11:00:22 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 293ms
139ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

298b8daa7c02055bd4496270bb4ebdb6116a05a47cfc7425cab63acc83190423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30389
x-xss-protection: 0
server: cafe
etag: 433 / 19694 / m202311150101 / config-hash: 11152387477177976423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 11:00:22 GMT

GET
H2

200

b28837887ae86c49b66bc05e04dd346e.png
img.heho.com.tw/wp-content/uploads/2020/07/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png
https://img.heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png

3 KB
4 KB

184ms
51ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cecb66bde508c9248d803c80e120330c2390474f21df544bee4d8d34b22810e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 991787
alt-svc: h3=":443"; ma=86400
content-length: 3295
last-modified: Thu, 27 Aug 2020 06:39:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyAxKlabTbwammTQjXDxsACXd7B5ZKhfHw9ZVr%2Bk3ZOb4Sum84eUEru1MHcHCdXcgEA8YuJJkMe7vvtwziLP7nstsOUzvbAD1OEU3GzT03t%2FJ%2FNB7h%2BxJlfSFt8c8kpzJFXcn6KBBshVl3F6tMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e330b8e3c83-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png
date: Sun, 03 Dec 2023 11:00:21 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 373
content-type: text/html; charset=iso-8859-1

GET
H2

200

1685591982.4705.png
img.heho.com.tw/wp-content/uploads/2023/06/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/06/1685591982.4705.png
https://img.heho.com.tw/wp-content/uploads/2023/06/1685591982.4705.png

143 KB
144 KB

111ms
55ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/06/1685591982.4705.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd37899aca2011cdf18276fe93b568460f41a8a9aa4af0dedae29e28e0f7cc8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 463056
alt-svc: h3=":443"; ma=86400
content-length: 146514
last-modified: Thu, 01 Jun 2023 03:59:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dk7lfv80GfKaGhrEo4sNMdnHm44TJvAd7xNZ%2FQrNyyird045viwKBHutI%2B1DKj%2BDDBPXdsNgNfsQgRBnvEh1sZVD2YxFcnmBxR43SRS9hR%2F2dQ3wqKMTI%2FFCDA3Q4egtPTdHRck1HpqR9qvvyeE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e330b8c3c83-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/06/1685591982.4705.png
date: Sun, 03 Dec 2023 11:00:21 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H2 200 dmca_protected_sml_120n.png
images.dmca.com/Badges/ 2 KB
3 KB 100ms
28ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/dmca_protected_sml_120n.png?ID=92f4d6c1-aaf5-4037-9b43-72143adcf46e
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / ASP.NET
Resource Hash: 45ec09974d948120c9f97cbedd141f4fa8df876bd2206f0c41133ae3a13fdf13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 10/31/2023 18:59:51
cdn-pullzone: 1574055
content-length: 2060
last-modified: Tue, 04 May 2010 23:19:10 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "a7af7333e0ebca1:0"
content-type: image/png
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: 454ef7271659f3ae3e2d2313055a7fd6
accept-ranges: bytes
cdn-requestcountrycode: SE
link: <https://dmca-images.azurewebsites.net/Badges/dmca_protected_sml_120n.png?ID=1749cafb-2fcb-4f72-bfc7-9694f5610177>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
843 B 28ms
28ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 10/31/2023 19:00:40
cdn-pullzone: 1574055
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"26b181f16d28d51:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: 130da77afd287a8d11dc2a314a34c374
cdn-requestcountrycode: SE
link: <https://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

1623040116.8368.svg
img.heho.com.tw/wp-content/uploads/2021/06/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2021/06/1623040116.8368.svg
https://img.heho.com.tw/wp-content/uploads/2021/06/1623040116.8368.svg

4 KB
2 KB

44ms
44ms

Image
image/svg+xml

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2021/06/1623040116.8368.svg
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdf44c84e33e64332bb97121e566eb096f411850877443b97c310e598ef10e72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 991786
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Jun 2021 04:28:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFTbu%2BRdjMcyzifhT8JcDpLxSFJI9C2Wy9toBEpw3QtWjGHhKsPllsR%2FUNbzD74RDTu7owJ7jdnrUhqP6EwbiUoE2anQ9gBshl%2B5beYbwB1RXReylRvvyX%2FlInH4%2FsiHgbUnGrD9XaVR%2FIvVHMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 82fb4e352e243c83-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2021/06/1623040116.8368.svg
date: Sun, 03 Dec 2023 11:00:21 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1623040942.0376.svg
img.heho.com.tw/wp-content/uploads/2021/06/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2021/06/1623040942.0376.svg
https://img.heho.com.tw/wp-content/uploads/2021/06/1623040942.0376.svg

2 KB
2 KB

48ms
48ms

Image
image/svg+xml

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2021/06/1623040942.0376.svg
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 600db4b0c037c60bc7cf0f6508cd29ff8d97e1d02267a626b444a28d7c75d298

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 272910
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Jun 2021 04:42:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJiUr2o71NXXuhMiJRNIh8nFkwjaHL48hVNXb2vvckpx2Rx8fIxgmSjNjpm7KJe3761AObksu%2Bq%2FuGHDcDLQ8GvdkNsa%2Bs0lpreKJinHg2%2BoOKl0pdCsq4Q5tXAQ%2BQkRiTAjrXJxdaZ7DWfscRI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 82fb4e3699fa999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2021/06/1623040942.0376.svg
date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1623040116.3431.svg
img.heho.com.tw/wp-content/uploads/2021/06/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2021/06/1623040116.3431.svg
https://img.heho.com.tw/wp-content/uploads/2021/06/1623040116.3431.svg

1 KB
1 KB

49ms
49ms

Image
image/svg+xml

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2021/06/1623040116.3431.svg
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fea32efefa901ef8406bee583dcea828fc0871ca38f7227475fc8d6a520da9dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 195893
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Jun 2021 04:28:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZhPoJuj0a6BobFERp6tlXMp%2BTWAATx7csFsyRAfgNJ%2Bwd8VL277RUt6j2jj9ffxH8Wa1F%2FYl9SdQ%2BXOhxN3uQ%2FaJUEpIFsMibK%2Bet6y8nxKdRYAMXM%2Bz0iWIbUquq4dtPz2qOIPo7QZ%2BAp1iiE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 82fb4e36aa21999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2021/06/1623040116.3431.svg
date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1623040117.0803.svg
img.heho.com.tw/wp-content/uploads/2021/06/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2021/06/1623040117.0803.svg
https://img.heho.com.tw/wp-content/uploads/2021/06/1623040117.0803.svg

1006 B
1014 B

47ms
47ms

Image
image/svg+xml

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2021/06/1623040117.0803.svg
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87b18f50b21e8e3e68778d553e17395f44f3d18bcf9d664f852e9a7d515a6c10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 368234
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Jun 2021 04:28:37 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkAXIHFRO8L%2FCWb234nGJmDt5Z5FqOJHP3mKtPFm7vu3fnL1D3yvoQgEQj%2FO9FKd8Etq00YpurAawwbdgCq0suWAe02c9mwApakuFKsc2646qQo6yPpVc4dCvt588SYZ7B8gmWOtH9jpYdEA%2FjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 82fb4e36aa1d999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2021/06/1623040117.0803.svg
date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H2 200 1649640641.534.png
img.heho.com.tw/wp-content/uploads/2022/04/ 9 KB
9 KB 47ms
45ms Image
image/png 2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/04/1649640641.534.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 889aad1463a00bc7c4fda2a94819d09f932bde81010eaa9f7b9f74402f3fc579

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 371051
alt-svc: h3=":443"; ma=86400
content-length: 9006
last-modified: Mon, 11 Apr 2022 01:30:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RF5RWulV6ixyMnksjAikLFejhwSOkUvs8ulqgGO5M3DB%2BKps3ubE8O01ElDAKiasbKSefOrZaB3RD5ki3UHGN6lzDExhM3QZwSqC8UlE9uNqK8smFlrVAiRwkP46nE1nd%2BMo4ECSS0482HujGU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e34cd973c83-CDG
expires: max-age=2592000, public

GET
H2 200 1649640644.1429.png
img.heho.com.tw/wp-content/uploads/2022/04/ 10 KB
10 KB 45ms
44ms Image
image/png 2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/04/1649640644.1429.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6ba6d140a0b4673d579dd5cd2428521d9141c946dcb02884c0c5a3b3913cd7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 283914
alt-svc: h3=":443"; ma=86400
content-length: 10191
last-modified: Mon, 11 Apr 2022 01:30:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pa6R4LzSlnw8gSj6RQQwiahB%2B5APfpvHWqqIll7P1hGhAqW8ZSJHNs8Rn0MPwaj8HP898jlt%2BuZturtZqBI1zrOM8pnzCk2DwJtGsm5df2ZSNt3L0v0DDTE%2F80FrMNdkzKY5jyK9gA9fEekH1mE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e34cd9b3c83-CDG
expires: max-age=2592000, public

GET
H3 200 tsconvert.js Show response
heho.com.tw/wp-content/themes/flatsome-child/js/ 12 KB
8 KB 498ms
497ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome-child/js/tsconvert.js?0811
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: f8cc03e63c2624c1e817c00f6dfb085759dcff6aa84c37fcd65050023fd582e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:21 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 11 Aug 2021 03:16:22 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7690
expires: max-age=2592000, public

GET
H3 200 index.js Show response
heho.com.tw/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 565ms
564ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.4
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 30 Nov 2023 06:21:51 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3212
expires: max-age=2592000, public

GET
H3 200 index.js Show response
heho.com.tw/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 701ms
698ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.4
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 30 Nov 2023 06:21:51 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4191
expires: max-age=2592000, public

GET
H3 200 jquery.auto-complete.js Show response
heho.com.tw/wp-content/themes/flatsome/js/ 8 KB
2 KB 489ms
486ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/js/jquery.auto-complete.js?a=3&ver=1.0.7
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c063fc54a4bcec5e67e63ec0c5fb62be66be35509203e143a97de4e7eae0e4f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 15 Dec 2020 06:38:28 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2177
expires: max-age=2592000, public

GET
H3 200 global.js Show response
heho.com.tw/wp-content/themes/flatsome/js/ 1 KB
579 B 578ms
575ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/js/global.js?a=3&ver=1.0.0
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: d6160ac2857a97b2e8b68b394977418e28dc43947425deb37fdea506582787aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 11 Dec 2020 05:53:00 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
expires: max-age=2592000, public

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 285ms
119ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfH-N0mAAAAAFbl_1iN5mLWRSOGn_wdfGEDt4cE&ver=3.0

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8341e035f8572a07e1afa2e95d48bf9a97d33844e27e4300bb8c0de6e172211b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 03 Dec 2023 11:00:22 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
heho.com.tw/wp-includes/js/dist/vendor/ 8 KB
2 KB 604ms
601ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 19 Jun 2023 07:09:18 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2484
expires: max-age=2592000, public

GET
H3 200 regenerator-runtime.min.js Show response
heho.com.tw/wp-includes/js/dist/vendor/ 6 KB
2 KB 638ms
636ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 19 Jun 2023 07:09:18 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2499
expires: max-age=2592000, public

GET
H3 200 wp-polyfill.min.js Show response
heho.com.tw/wp-includes/js/dist/vendor/ 16 KB
6 KB 694ms
691ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 16 Oct 2023 00:47:08 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5889
expires: max-age=2592000, public

GET
H3 200 index.js Show response
heho.com.tw/wp-content/plugins/contact-form-7/modules/recaptcha/ 934 B
503 B 744ms
742ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.8.4
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 30 Nov 2023 06:21:52 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 483
expires: max-age=2592000, public

GET
H3 200 hoverIntent.min.js Show response
heho.com.tw/wp-includes/js/ 1 KB
730 B 466ms
464ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 19 Jun 2023 07:09:18 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 706
expires: max-age=2592000, public

GET
H3 200 flatsome.js Show response
heho.com.tw/wp-content/themes/flatsome/assets/js/ 52 KB
16 KB 471ms
468ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/assets/js/flatsome.js?ver=be4456ec53c49e21f6f3
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 7046618f6555847e4c8d7fb47584672aab889faf9ceebd6d871074da350615c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16738
expires: max-age=2592000, public

GET
H3 200 flatsome-lazy-load.js Show response
heho.com.tw/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/ 2 KB
622 B 467ms
465ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.18.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ef8fea302c93f5619c53b4b7f8435c3d7dbaf5a4296593fb9f353e574c9b34d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 601
expires: max-age=2592000, public

GET
H3 200 maxmegamenu.js Show response
heho.com.tw/wp-content/plugins/megamenu/js/ 33 KB
5 KB 483ms
480ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.2.4
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 0b35f88d468214d1e8ea6b50a1161cddd4984b46d3c9b13d05f00438bf894083

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 23 Oct 2023 01:06:51 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5198
expires: max-age=2592000, public

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
3 KB 87ms
29ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0191ae3372503c03f15583d80e0e27deef41fc8018cb3702ddf0db157c69aa98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 11:00:21 GMT
content-md5: Pdv4QTBWHKWesM8LrXZhDw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints
x-fb-debug: E7SyP9muP/DF3uKZ9SSXBJ16CzGfUuymPsWAlc2bQQaprT+31VOhyLFtG0Zov4HiHc5jsvC7U1t+bxka/9NGDw==
x-fb-content-md5: a2cc893e464a1c38bf9c69a423f37471
cross-origin-opener-policy: same-origin-allow-popups
etag: "5252a3ad1eb11c8b7e3c50abda85a62a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 03 Dec 2023 11:17:33 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/36287102/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

46ms
45ms

Script
application/javascript

13.32.110.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Server: 13.32.110.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-123.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 10:14:16 GMT
content-encoding: gzip
via: 1.1 5d650f4d20204610aaf075ff8f6494c6.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 09:10:12 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 2766
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: xuTgw9-UwV0qeVhP_s90ST96zHgyr-j7nDFPRdDumcwLS9py1Z6MFQ==

Redirect headers

date: Sun, 03 Dec 2023 11:00:21 GMT
via: 1.1 5d650f4d20204610aaf075ff8f6494c6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: A8MrjBloPncfBO4fNZd3gWAtnzzdg_wHkg23mpS4zQeVQdppQpZlGQ==

GET
H2 200 48oiwicjv7 Show response
www.clarity.ms/tag/ 650 B
1012 B 181ms
115ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/48oiwicjv7
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 95e18e2366fa470e629ba4f8e53062b8ac9a5de93ed8dfc4803dd5a25532a39b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: -1
date: Sun, 03 Dec 2023 11:00:22 GMT
x-azure-ref: 20231203T110021Z-wp1qbqpyxd3vv5rttmacb4gpfc00000012tg000000014657
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 viewform Show response
docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/ Frame 603E 53 KB
16 KB 652ms
477ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

81a688b4176e331aa476e169d461f97a6034f64436c4c8457b3e9d1534abf470

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-_twq_gtFlTEAS1gfS6luIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-_twq_gtFlTEAS1gfS6luIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
content-type: text/html; charset=utf-8
date: Sun, 03 Dec 2023 11:00:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: GSE
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, nosnippet
x-xss-protection: 1; mode=block

GET
H2 200 heho.com.tw Show response
ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/ Frame 86F7 9 KB
4 KB 1091ms
537ms Document
text/html 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ec398ff527e3966bda830bc3afbccd7736d05b7e402a45899984c9631232510a

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, OPTIONS
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 03 Dec 2023 11:00:22 GMT
etag: W/"23bf-0JfXKeu9nq0g1jha6UPRKUMjbnM"
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding

GET
H3

200

b28837887ae86c49b66bc05e04dd346e.png
img.heho.com.tw/wp-content/uploads/2020/07/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png
https://img.heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png

3 KB
4 KB

156ms
155ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cecb66bde508c9248d803c80e120330c2390474f21df544bee4d8d34b22810e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 184390
alt-svc: h3=":443"; ma=86400
content-length: 3295
last-modified: Thu, 27 Aug 2020 06:39:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJ4rcvq3%2BR4hIRc4Inx3Da3b%2Fb8cb%2F6ZC9eKD%2BDn91SPc80vbd%2BBYaH4tVmnDEWFn5dSnNXvpTQvarHieWi2lYHfSGxwQLc%2BilE2hj85BVGXErPX80kk1flW%2FKYvdvleyjeyBlFTuEFFpyxE3Y4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e370aa4999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png
date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 373
content-type: text/html; charset=iso-8859-1

GET
H2 200 heho-mkt-sdk.js Show response
ml.oxra.com.tw/ox/mkt/js/ 5 KB
2 KB 824ms
270ms Script
application/javascript 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-sdk.js
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9afefc6356f7a01fa5d0a8b69c8a39cb3709795753e96ad09bad19b21b0b658c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 04:48:19 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"63901b13-12db"
vary: Accept-Encoding
content-type: application/javascript

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2f7fbd847620a46b260daa079ddcacce2e96d507bc686510677cb243f088245

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff65c6a3b716ae696170f17006e5b017751677908e6b56b53a27379f7dc578df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20a3bf52be657d048a21d70727caaa41611e9d8ef79c89d88c78949ee41a162a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfe4b3384bdf0bd276d03faa954b58977064c3aa7199c946292f3d22f416fc76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a076d79ed14cff54c3ece7a41c43bf5b96154cc8c194ba252aea6f5c3830cfdb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 fl-icons.woff2
heho.com.tw/wp-content/themes/flatsome/assets/css/icons/ 7 KB
7 KB 456ms
456ms Font
font/woff2 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.18.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: bc425300c8a8a921a3d481e8b2395ef3c6cac4333b7326ceb1f5963fa6102b77

Request headers

Referer: https://heho.com.tw/
Origin: https://heho.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7244
expires: max-age=2592000, public

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin: https://heho.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3

200

1654582763.9763.png
img.heho.com.tw/wp-content/uploads/2022/06/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2022/06/1654582763.9763.png
https://img.heho.com.tw/wp-content/uploads/2022/06/1654582763.9763.png

62 KB
62 KB

117ms
117ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/06/1654582763.9763.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58414c45ff47ff8f78077f75d47fb1c08143c46e500536ccb407fb9a031d3da7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 258765
alt-svc: h3=":443"; ma=86400
content-length: 63017
last-modified: Tue, 07 Jun 2022 06:19:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lt2op7V7JqzFC4zPTCyLwFNFn8thSFt6ZhxPrp0uNXFt%2Ftp4MEtGoi25ETuvLa66lwY%2FuvvBofumnOTLxso2v%2BrgOSaZnoFYhpmV6zoLxlQlQN9rk1qpMlBXUCB0TnHNhc0nJvHXRXdN1dLg8%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e370a98999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2022/06/1654582763.9763.png
date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685341005.7905.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685341005.7905.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685341005.7905.png

24 KB
25 KB

156ms
156ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685341005.7905.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c962d6b55e524fbd4d056d9417afc3f15d56c09df24de4217a3faecd27afba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 184391
alt-svc: h3=":443"; ma=86400
content-length: 24795
last-modified: Mon, 29 May 2023 06:16:48 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uT9rH5sfGIxD7Sbs%2B7S45rNLRLap%2BqG5ChJbv7%2F%2ByXJaTnkxqZ%2FiYJUOus8ylhCgQHGJbu2z9urKk1XcCjyb5VKxPm9jGAxQZGVxwJMdSnEyoIgixEqvnP1hSD%2BR3aVRG3ADtDJYQf8JFy7%2Bz8c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e370aa5999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685341005.7905.png
date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685341002.6315.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685341002.6315.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685341002.6315.png

15 KB
15 KB

156ms
156ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685341002.6315.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 985b3bcffaca82008af6fbae8e61658cb5154c104561967e0b1fb91305375555

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 184390
alt-svc: h3=":443"; ma=86400
content-length: 15063
last-modified: Mon, 29 May 2023 06:16:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IVtGVdZS0jEcN6euurnq1lXwwDBFyVfHsGFm3mngjdo6tS0wcXubumGy0OQOg2aVJuYFUqto9XCnRK%2FAqrBu1eleRPmlN61VjTSOoNi6N%2BmJc8KxOyXCh6sUpUqnW5qloIlglwq7S64ehhYVC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e370aaa999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685341002.6315.png
date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685340999.4319.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685340999.4319.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685340999.4319.png

17 KB
18 KB

122ms
122ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685340999.4319.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74d4d21ea731e982d339e2341bebcde40e7abd3c43e6955a51d13c68d105f9ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 258765
alt-svc: h3=":443"; ma=86400
content-length: 17450
last-modified: Mon, 29 May 2023 06:16:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPH1vt0gq%2FeQIR7TysSuSnttH77Dc93X01ab6ijheQKK6iCP%2FFBwTPQJik%2BkYMAIedwJIRB%2Fk3LQwXvBQz2mFPvR4pZSXcMqMZlj89uuEyKjDRgQ6%2F4N%2BL1j35LWQbKb9Yi5Ucv4YU9tiSyatH0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e377b1b999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685340999.4319.png
date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685084067.1705.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685084067.1705.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084067.1705.png

6 KB
7 KB

45ms
45ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084067.1705.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f6995a0395179c9dd731c85aa08ef73fb09ab0b6ea2e889eda95f9747e069c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 423252
alt-svc: h3=":443"; ma=86400
content-length: 6559
last-modified: Fri, 26 May 2023 06:54:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BignJ0ri0HFcbRXm8SaWr5vRf7hbKn49QLqk6%2FwlwBvpit2xCGCONxXGOXl8dgOEwDFc55X%2BMTr5kpc2SwUELOhTJvZqZOZ0HrlGkbEW7fLhPkdUVYi78PX8Oya9JRsvO7uhZ6dDu5rNMaABrec%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e370a96999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084067.1705.png
date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685084061.4838.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685084061.4838.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084061.4838.png

16 KB
17 KB

83ms
83ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084061.4838.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029021f9df9d250bfc5442e10e72bb7fcc37aef687080952a051aa4428214f15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 258765
alt-svc: h3=":443"; ma=86400
content-length: 16859
last-modified: Fri, 26 May 2023 06:54:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T058%2BGT3B%2FnFCEqO7t92qOl%2FRoaG7%2FLagVoFXlVQ0fMCiEUThm%2FbC3lwZUI7sWAPVRXUKlwky6eFp0Ues%2BHNWauoVcDazxbG5nynUQH%2FU31%2FgLJjjm%2B%2FsQJuSxQIlFNqEZ%2FPW410jqj4NPXAy0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e370a95999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084061.4838.png
date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685084260.4331.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685084260.4331.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084260.4331.png

4 KB
4 KB

83ms
82ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084260.4331.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d6f268fafb58c6446703ee4d09aedba5b6a7d3a59261da328d75d5115fb11b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 258765
alt-svc: h3=":443"; ma=86400
content-length: 4029
last-modified: Fri, 26 May 2023 06:57:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rn0KSeY9Y6SZk2mjBEx9I5nOnnH6ohR%2FotKbDYWQ9kFA5VOQvhzxdAPSwPgFKGtM%2Fk9IXPjvEpyO%2FWJxjQNT724n2hb09s2LY3IyQj8x4CBGe0dil4mPwOr90wOAMDcTSCoVhxz%2F%2BAtCwi0SDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e370a97999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084260.4331.png
date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685084258.0287.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685084258.0287.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084258.0287.png

5 KB
6 KB

122ms
122ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084258.0287.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6567639db59dc67528a542b533eb95189e86f1d3cd82d865b72b09cbb2290e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 258765
alt-svc: h3=":443"; ma=86400
content-length: 5599
last-modified: Fri, 26 May 2023 06:57:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0%2BuErHwilt6iK7qPD8TJakLMVXCF1xTthEOH7nJl7ZKWF3pC2Nm7faftGw7vtRFEO1STE9JrDcHdHTxCCA6ZSaGlJeO6sSi8cUOtmWqxO2kHgVZ33B%2B2kpz2ilYZWKGuC0rLDb8E2uApU1W90w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e377b18999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084258.0287.png
date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685084064.6124.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685084064.6124.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084064.6124.png

6 KB
7 KB

46ms
46ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084064.6124.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926820f185b15731023eb5573e470b2fc52fa7c7719ba68de547ec3a99ea4db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 360369
alt-svc: h3=":443"; ma=86400
content-length: 6163
last-modified: Fri, 26 May 2023 06:54:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pD6yEqhq3gyQDMTo9qMPJWhZpae5Nxm9JvVtjAalwMWg%2FyhPE4%2BLkqZQdI5So4zW%2BkD9LBhSa1WwSYI44XRmljr0nniIAIQv20NnaGeXszUXgjB3tzr04uLN%2BGEPjcoaxk5D0L%2BxaeHlCpwH90M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e370a9e999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084064.6124.png
date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685084058.5936.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685084058.5936.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084058.5936.png

12 KB
13 KB

157ms
156ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084058.5936.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f338abba8fb7cf686b9a4f785fedd4299709cff3e365eae3c61eb0e507c417d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 423252
alt-svc: h3=":443"; ma=86400
content-length: 12376
last-modified: Fri, 26 May 2023 06:54:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o40IQoae9PYoNY2%2BCBBLBlsuvmquHJKQp1qPuTDAocP7tbO5qUviQtsaXXS96rHEHDaqgu4jfPMrb6TspGf9YGxPawGb4pRfvXK8yVcbp4xhDop4fclgRWzuIHXuyPp8FBhMgztcoqHhIoII6Dk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e370aa8999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084058.5936.png
date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1689755246.8803.png
img.heho.com.tw/wp-content/uploads/2023/04/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/04/1689755246.8803.png
https://img.heho.com.tw/wp-content/uploads/2023/04/1689755246.8803.png

5 KB
6 KB

44ms
44ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/04/1689755246.8803.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f54070450baf09b19fdbe1d661a5b05eaec9b8a60353a4cf91ce60df518469a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 360369
alt-svc: h3=":443"; ma=86400
content-length: 5344
last-modified: Wed, 19 Jul 2023 08:27:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufi7hsu3cBbxF8bY04GX%2FIEOheFu8MhiF2Mm%2FE%2BhZmYEC4sjxoZCj67Y8vcNmm1nT2uBDcQH1cYy32QBezTlq8J47NAeb1LMqyN6i957zl93zp2AEZ2Fl8LZeyeiLAbeGoTbFhoxOx74UP41ErM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e381bb6999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/04/1689755246.8803.png
date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685083759.3921.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685083759.3921.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685083759.3921.png

13 KB
13 KB

155ms
155ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685083759.3921.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4e6a680e9036aaf31486a675e7ae117f53d2f3c3924240f26e0d57520e4204a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 184391
alt-svc: h3=":443"; ma=86400
content-length: 13108
last-modified: Fri, 26 May 2023 06:49:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYn0IaoJvN6c%2BYbdPI1VtWL%2BpCW2WAB6noQv70JjkgyxH%2B%2B2HgkPYXPO7fxH5AAB9%2Bs7W0NRl6f%2BsoBfNhbtRlfOoOX90L8rtavJek52Dmz6QBmY34C%2Bg3i%2BZDUUxnuu6x01djSJPLGIOVXTmWk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e370a9a999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685083759.3921.png
date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5448b3df7fca1bd7f1ee6c34cab7287342978c1634a216dcb055faa92ffef9de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 273864a943d0ff0ab1b4861c83635fe7c7fcaa496d81862552923c614639b12f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

1611030364.7282.png
img.heho.com.tw/wp-content/uploads/2021/01/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2021/01/1611030364.7282.png
https://img.heho.com.tw/wp-content/uploads/2021/01/1611030364.7282.png

1 KB
2 KB

329ms
328ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2021/01/1611030364.7282.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9320b3cdf4756eab8412ee5120bc5af5524c9030de78136fbc42b7e40814289a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1058
last-modified: Tue, 19 Jan 2021 04:26:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ps%2F0cz6%2B1Yz2mjzs%2F0KJEcZQmCbP%2F5Z%2BDkJWDaJ9YIHAQCSpl%2BwJy1qwTgPnUwMkdB2ECm%2FDK7uDsNkL75z2tw9eo05V6S6HOKWIXCjIH7hfOpHV0QDddWJIH6xMCQaurQe8nh6FYEwgJatxhs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e370aa1999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2021/01/1611030364.7282.png
date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ 297 KB
85 KB 59ms
29ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=efa0b7fe6d62049d5655ba588064cb99

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dd2e459e4cf19c74d043b82b18e774ef8c4911c30b53fa2fda29042f930d81cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://heho.com.tw/
Origin: https://heho.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 11:00:22 GMT
content-md5: TLTlfMTrGjLCWHbBjkaR5g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87036
reporting-endpoints
x-fb-debug: /lAP9Pl/io2+nhojrRlivqvRWMzpdTG5GcNczam72H+B85NIxZKoFnfcPwZ2qmh7ZNZ9g1HK/UX1BUygfpT2AA==
x-fb-content-md5: 13b28976256b00ca8176fe12c472e2d8
cross-origin-opener-policy: same-origin-allow-popups
etag: "e0c854bf3d6017e27edebd09647ce1aa"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 02 Dec 2024 10:17:29 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 58ms
58ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/48oiwicjv7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: br
last-modified: Thu, 30 Nov 2023 12:37:50 GMT
etag: W/"0x8DBF1A12A7EABEF"
vary: Accept-Encoding
x-azure-ref: 20231203T110022Z-wp1qbqpyxd3vv5rttmacb4gpfc00000012tg000000014668
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 68748bd9-901e-0036-6d53-24a3ab000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 55ms
55ms Image
text/plain 13.32.110.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=36287102&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1701601222055&ns_c=UTF-8&c7=https%3A%2F%2Fheho.com.tw%2F&c8=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&c9=
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-123.vie50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
via: 1.1 5d650f4d20204610aaf075ff8f6494c6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: AC8hdJ8WjWurySh5UBHsxX2i6fkauvo8KN4jQGpHZQhY0stf9PADuA==
x-cache: Miss from cloudfront

POST collect
v.clarity.ms/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
96 KB 142ms
141ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LDJQEPLLSR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105027460-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58581d2843a819bdb10d344dc4cb9e5a5c899290646318fb064b50608c23d483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97827
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 11:00:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 239ms
77ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105027460-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 10:31:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1722
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 03 Dec 2023 12:31:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
74 KB 91ms
91ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-338904101&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105027460-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d320ba6f0ff470d96a58d32124a629533d02fad99fa8d48191774292c6af86b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76019
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 03 Dec 2023 11:00:22 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 431 KB
135 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 10:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1547
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138149
x-xss-protection: 0
server: cafe
etag: 11558412289700915514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 02 Dec 2024 10:34:35 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 141ms
140ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5693807149055825&plah=heho.com.tw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4b76edee234bdf41e7a402bd58b3b35b00d327dc10dd2bfafc1ceaac1d49923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137286
x-xss-protection: 0
server: cafe
etag: 9187123968904200645
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 11:00:22 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame FF8A 9 KB
4 KB 224ms
72ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 20:59:29 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 20:59:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/338904101/ 3 KB
2 KB 94ms
89ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/338904101/?random=1701601222472&cv=11&fst=1701601222472&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&hn=www.googleadservices.com&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&did=dZTNiMT&gdid=dZTNiMT&auid=511695047.1701601222&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-338904101&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2406d76626722b18de4fd9e814ce615019442dc8ae02a1c3794ac7b4336338ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/338904101/ 3 KB
2 KB 190ms
67ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/338904101/?random=1701601222482&cv=11&fst=1701601222482&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&label=pdjACIy7g7cDEKWIzaEB&hn=www.googleadservices.com&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&did=dZTNiMT&gdid=dZTNiMT&auid=511695047.1701601222&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-338904101&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

14fbfa60db0ae60f86714e73ee5a3bee3cbb68456fdc684247c64ad66e8d4f82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1627
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 167ms
60ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LDJQEPLLSR&gtm=45je3bt0v877969751&_p=1701601221858&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1181362518.1701601223&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1701601222&sct=1&seg=0&dl=https%3A%2F%2Fheho.com.tw%2F&dt=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1890
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LDJQEPLLSR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heho.com.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 222ms
75ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LDJQEPLLSR&cid=1181362518.1701601223&gtm=45je3bt0v877969751&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LDJQEPLLSR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heho.com.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 234ms
95ms Image
image/gif 2a00:1450:4005:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LDJQEPLLSR&cid=1181362518.1701601223&gtm=45je3bt0v877969751&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2098517309

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4005:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 docs-tt
csp.withgoogle.com/csp/ Frame 603E 0
0 245ms
86ms Other
text/html 2a00:1450:4001:830::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/docs-tt
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://docs.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 icon
fonts.googleapis.com/ Frame 603E 616 B
799 B 240ms
84ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons+Extended

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c116c74efa19439bd2e6ad056ee930d82c0c8ac55330bbc5a9f63885601dec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 11:00:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 11:00:22 GMT

GET
H2 200 rs=AMjVe6jD5hGkCF0BphdUeomEF_I0J2GWlw
www.gstatic.com/_/freebird/_/ss/k=freebird.v.XMSFTLX2xDo.L.W.O/am=EAY/d=1/ Frame 603E 944 KB
945 KB 233ms
75ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.XMSFTLX2xDo.L.W.O/am=EAY/d=1/rs=AMjVe6jD5hGkCF0BphdUeomEF_I0J2GWlw

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9996ece096f1a0a0a480e2a9ada6ad692c59b562370dd189bd75968dbd7a0f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 12:15:01 GMT
x-content-type-options: nosniff
age: 600321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 966884
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 15:29:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-forms"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Nov 2024 12:15:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 603E 24 KB
2 KB 241ms
84ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e98273998af7ba59db229a5997cd60b10fff987e60d89dc79654a50fa5daee02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 09:31:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 11:00:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 603E 1 KB
550 B 245ms
88ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c9837dd0a50218aac53dee373e4167e0a2edf128136d31ff2d89add6c5fed8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 09:38:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 11:00:22 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 82ms
82ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=292745093&t=pageview&_s=1&dl=https%3A%2F%2Fheho.com.tw%2F&ul=en-us&de=UTF-8&dt=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1355257566&gjid=774314975&cid=1181362518.1701601223&tid=UA-105027460-1&_gid=582363268.1701601223&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=332038982

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://heho.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heho.com.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 googlelogo_dark_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ Frame 603E 1 KB
984 B 74ms
74ms Image
image/svg+xml 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_dark_clr_74x24px.svg

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44552
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 689
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 01 Dec 2024 22:37:51 GMT

GET
H2 200 m=viewer_base Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=1/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/ Frame 603E 423 KB
136 KB 627ms
483ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=1/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/m=viewer_base

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2d715cfe84dc6dffc61288e0a1ac6901e9ce71b50e08a0b71c1d6c20c135940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139125
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 17:28:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-forms"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 11:48:29 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 468 KB
188 KB 227ms
75ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfH-N0mAAAAAFbl_1iN5mLWRSOGn_wdfGEDt4cE&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heho.com.tw/
Origin: https://heho.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 22:06:13 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/338904101/ 42 B
327 B 111ms
111ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/338904101/?random=1701601222472&cv=11&fst=1701601200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNGqAmJ0sNMLd7utX_VO9hAkxxhGSCYQ&random=3724881571&rmt_tld=0&ipr=y

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/338904101/ 42 B
455 B 165ms
81ms Image
image/gif 2a00:1450:4005:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/338904101/?random=1701601222472&cv=11&fst=1701601200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNGqAmJ0sNMLd7utX_VO9hAkxxhGSCYQ&random=3724881571&rmt_tld=1&ipr=y

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4005:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 41F6 124 KB
43 KB 795ms
794ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=5043471010&adk=2909568660&adf=3004921553&pi=t.ma~as.5043471010&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222323&bpp=3&bdt=1237&idt=279&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&correlator=3496873869080&frm=20&pv=2&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=288

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5693807149055825&plah=heho.com.tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d928bc852bb5e7eb2285ebf5f535ffbedb0de341cf97b01e106fe5f4cde7009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 11:00:23 GMT
expires: Sun, 03 Dec 2023 11:00:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0368 109 KB
41 KB 614ms
613ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1653759563&adf=1460166357&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=292&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=294

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c5b8402d2e7e4e42031b1453ed8537fc76ac84e646e7fe29f0b2963e3a25488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41838
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 11:00:23 GMT
expires: Sun, 03 Dec 2023 11:00:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D01A 174 KB
47 KB 852ms
852ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96992974bcd03f1c7b414fb16d7a7db3d9a85e39dcee3ee7257a20cd766018de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 47864
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 11:00:23 GMT
expires: Sun, 03 Dec 2023 11:00:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
346 B 115ms
74ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-105027460-1&cid=1181362518.1701601223&jid=1355257566&gjid=774314975&_gid=582363268.1701601223&_u=YCDACUAABAAAACAAI~&z=1312528993

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://heho.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 03 Dec 2023 11:00:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heho.com.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/338904101/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/338904101/?random=1606486545&cv=11&fst=1701601222482&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&...
https://www.google.com/pagead/1p-conversion/338904101/?random=1606486545&cv=11&fst=1701601222482&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12...
https://www.google.de/pagead/1p-conversion/338904101/?random=1606486545&cv=11&fst=1701601222482&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...

42 B
108 B

84ms
84ms

Image
image/gif

2a00:1450:4005:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/338904101/?random=1606486545&cv=11&fst=1701601222482&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&label=pdjACIy7g7cDEKWIzaEB&hn=www.googleadservices.com&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&did=dZTNiMT&gdid=dZTNiMT&auid=511695047.1701601222&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ091d3F3WVFyYlhYdXI3VHg3SWdFaVVBNnlyeEZaZ21Xdnlhc2tVeTdrVUY5U0w5a3ZXb0VIV1FXbWd1LWp4NUdMdmh1UnFyGldDaEFJZ091d3F3WVFnTnlNNGVUcHpLcFZFaTBBMUNWU2lwNTYzOTdGeWpFNlZZam82OThYVlpLbzF0Ry1MTVBkTlBPYmpSUUlhRzR2Y2JPeXE4SHhzT0kiEwi_qrLDjvOCAxVWJ-AKHdFjDAM&is_vtc=1&ocp_id=xl9sZb-vJtbOgAfRx7EY&cid=CAQSKQDICaaN7vpXEYmBvP9Wl2-rBW8ANOamlMyRMrJLmpE8BHVz8VkgBMqn&random=3113077392&ipr=y&ezwbk=AZuM4hCy1oKt2luOekCwci-zrkt3DOCuEje0TOu4G_Zeck8lwszxmcim3DxuRgrpjbd1Maj2LxeYB87qmphqOCy1A6Cj

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Server

2a00:1450:4005:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/338904101/?random=1606486545&cv=11&fst=1701601222482&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&label=pdjACIy7g7cDEKWIzaEB&hn=www.googleadservices.com&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&did=dZTNiMT&gdid=dZTNiMT&auid=511695047.1701601222&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ091d3F3WVFyYlhYdXI3VHg3SWdFaVVBNnlyeEZaZ21Xdnlhc2tVeTdrVUY5U0w5a3ZXb0VIV1FXbWd1LWp4NUdMdmh1UnFyGldDaEFJZ091d3F3WVFnTnlNNGVUcHpLcFZFaTBBMUNWU2lwNTYzOTdGeWpFNlZZam82OThYVlpLbzF0Ry1MTVBkTlBPYmpSUUlhRzR2Y2JPeXE4SHhzT0kiEwi_qrLDjvOCAxVWJ-AKHdFjDAM&is_vtc=1&ocp_id=xl9sZb-vJtbOgAfRx7EY&cid=CAQSKQDICaaN7vpXEYmBvP9Wl2-rBW8ANOamlMyRMrJLmpE8BHVz8VkgBMqn&random=3113077392&ipr=y&ezwbk=AZuM4hCy1oKt2luOekCwci-zrkt3DOCuEje0TOu4G_Zeck8lwszxmcim3DxuRgrpjbd1Maj2LxeYB87qmphqOCy1A6Cj
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ox-ra.html Show response
ml.oxra.com.tw/ox/mkt/ Frame F2EB 4 KB
1 KB 268ms
267ms Document
text/html 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ox/mkt/ox-ra.html
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8c089632f2472d720775d3f5d81306f073905aded8a9a2ce493a4c516984c5f5

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 03 Dec 2023 11:00:22 GMT
etag: W/"638da8a3-fe6"
last-modified: Mon, 05 Dec 2022 08:15:31 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 403 / Show response
json.geoiplookup.io/ 109 B
611 B 178ms
93ms Fetch
application/json 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://json.geoiplookup.io/

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Octolus

Resource Hash

334e702012cf0d8dfdbcfe2a9ff9e70032ca59cad3573f01454a3e1706131f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:22 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Octolus
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGEQxvcdnnjc8o8OxaL9r0kWxyaklv3G6PWJD9esndYUV3VEx7E6yY%2F%2Bmy%2BnF2ZXQMOK9VgLW8G8rBCdPq%2Fohq9dCqXANKO9HRN913l2CjLj0ZDwwgNg3D4BYpCV9BgfZA5GvXUGKdg1tNiLf9lOEqMB"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 82fb4e3a7c19048c-CDG
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 heho-ml-recommend-mkt-api-10 Show response
ml.oxra.com.tw/ra/mktadv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw/ 430 B
716 B 863ms
291ms Fetch
application/json 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mktadv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw/heho-ml-recommend-mkt-api-10
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 75bab248ae90650bc4ae24be3c0f261c31976f24495057848ff473ad28f41740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"1ae-HQc7SZD8XdammPa6MLM9HzCblBM"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heho.com.tw
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 430

GET
H2 200 heho-ml-recommend-mkt-api-11 Show response
ml.oxra.com.tw/ra/mktadv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw/ 430 B
716 B 864ms
292ms Fetch
application/json 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mktadv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw/heho-ml-recommend-mkt-api-11
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 950738e693c765f0c3a7fcd54935f7c767089f075a698d7ba8cc43a6097dda2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"1ae-fyL/xuwZXFzXKtBKA81z2DNYX4A"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heho.com.tw
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 430

GET
H2 200 heho-ml-recommend-mkt-api-10 Show response
ml.oxra.com.tw/ra/mktadv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw/ 430 B
715 B 866ms
294ms Fetch
application/json 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mktadv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw/heho-ml-recommend-mkt-api-10
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 75bab248ae90650bc4ae24be3c0f261c31976f24495057848ff473ad28f41740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"1ae-HQc7SZD8XdammPa6MLM9HzCblBM"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heho.com.tw
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 430

GET
H2 200 heho-ml-recommend-mkt-api-11 Show response
ml.oxra.com.tw/ra/mktadv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw/ 430 B
716 B 867ms
296ms Fetch
application/json 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mktadv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw/heho-ml-recommend-mkt-api-11
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 950738e693c765f0c3a7fcd54935f7c767089f075a698d7ba8cc43a6097dda2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"1ae-fyL/xuwZXFzXKtBKA81z2DNYX4A"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heho.com.tw
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 430

POST collect
v.clarity.ms/ 0
0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 103ms
102ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-105027460-1&cid=1181362518.1701601223&jid=1355257566&_u=YCDACUAABAAAACAAI~&z=1472348271

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 93ms
93ms Image
image/gif 2a00:1450:4005:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-105027460-1&cid=1181362518.1701601223&jid=1355257566&_u=YCDACUAABAAAACAAI~&z=1472348271

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4005:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 do_add
oxra.com.tw/sys/pv/ Frame 0
0 1422ms
248ms Preflight
text/html 61.219.68.119
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://oxra.com.tw/sys/pv/do_add
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.219.68.119 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-219-68-119.hinet-ip.hinet.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heho.com.tw
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://heho.com.tw
allow: POST
content-length: 4
content-type: text/html; charset=utf-8
date: Sun, 03 Dec 2023 11:00:24 GMT
etag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
server: nginx
vary: Accept-Encoding

POST
H2 200 do_add
oxra.com.tw/sys/pv/ 0
0 251ms
248ms Fetch 61.219.68.119
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://oxra.com.tw/sys/pv/do_add
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.219.68.119 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-219-68-119.hinet-ip.hinet.net
Software: nginx /
Resource Hash

Request headers

Referer: https://heho.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://heho.com.tw
date: Sun, 03 Dec 2023 11:00:24 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type, Authorization
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, OPTIONS

GET
H/1.1 200
OK heho_tw.js Show response
api.popin.cc/searchbox/ 296 KB
53 KB 1145ms
556ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/heho_tw.js
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-infinite-sdk-heho.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6ad6b8b2dd661ae7182bde4de0a90cdfb0d06d3451102d5d5137c340c2b70a3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 11:00:23 GMT
x-amz-version-id: 5Mh7ixb3Dd5l1mG.ChAdgvhTx58c73G3
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
X-Cache-Status: HIT from 10.252.55.25
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Thu, 23 Nov 2023 06:41:17 GMT
Server: nginx
ETag: W/"ac4ecf4b2ad220e41579a6ee2a1ad580"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Timing-Allow-Origin: *
Expires: Sun, 03 Dec 2023 12:00:23 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5479 0
16 B 99ms
99ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&adk=1812271804&adf=3025194257&lmt=1701601202&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222966&bpp=4&bdt=1879&idt=4&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120%2C1050x120&nras=1&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=60

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 11:00:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 heho-ml-popup Show response
ml.oxra.com.tw/ra/mktadv2/mkt-api-43/page-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw/ 3 KB
1 KB 523ms
300ms Fetch
application/json 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mktadv2/mkt-api-43/page-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw/heho-ml-popup
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 22bd7cf3246f1ba3c6875d4099495f7915382811d89d27f1925a9fba8078b730

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
etag: W/"b19-+muyr6afGDU6FZsD8sRd8NRQW2s"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heho.com.tw
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization

GET
H2 200 heho-ml-floating Show response
ml.oxra.com.tw/ra/mktadv2/mkt-api-37/page-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw/ 2 KB
1 KB 525ms
302ms Fetch
application/json 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mktadv2/mkt-api-37/page-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw/heho-ml-floating
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b91a5d0c93ab9e0c055f1e0d6ff22688984670591f4853b000454b703fb2fcb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
etag: W/"702-Gr6mXTh/fPlvyRdLGdfipEDo0rA"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heho.com.tw
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization

GET
H2 200 bootstrap.min.css
unpkg.com/bootstrap@4.5.3/dist/css/ Frame 86F7 157 KB
24 KB 112ms
47ms Stylesheet
text/css 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ml.oxra.com.tw/
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 203888
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGHJY2YS4KS1M8TH07JHB00Y-waw
server: cloudflare
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82fb4e3c88a13578-WAW

GET
H3 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ Frame 86F7 2 KB
1 KB 136ms
103ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 442832
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 657
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEx7c4NS%2FwvwwJaIkCQu3wTmCCdBLvHQREjtg%2BwpRTCWHvxLfhuBN8Ml2XYKdeV%2B2yvO96ArYlHJfdsQONr0oW0IFGCgsbmrLFKm5MaGHMZfUYuo8K3uNGHbq0xr1mF8poasfW6q3%2F6fCSvjmHWYeu1O"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82fb4e3c5ec135ab-WAW
expires: Fri, 22 Nov 2024 11:00:23 GMT

GET
H3 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ Frame 86F7 1 KB
1 KB 73ms
40ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.css

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 993589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 394
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UO6qaiHZEHBQKzWQ2s87bifIyULWxIC0Jars009uz4oLgE%2BPyHl6z6FYLX14oqaN1Lv7fTolC8VghMmTBCqit%2BZXngmjtTlOwPrDuszfz3uaGKbqcu0j5jn2zwODcAIEF53VDk6ecQAebP55%2F8ycP0xk"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82fb4e3c5ebb35ab-WAW
expires: Fri, 22 Nov 2024 11:00:23 GMT

GET
H3

200

1669685415.0137.gif
img.heho.com.tw/wp-content/uploads/2022/11/ Frame 86F7
Redirect Chain

https://heho.com.tw/wp-content/uploads/2022/11/1669685415.0137.gif
https://img.heho.com.tw/wp-content/uploads/2022/11/1669685415.0137.gif

30 KB
31 KB

472ms
471ms

Image
image/gif

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/11/1669685415.0137.gif
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c784e0a746c79495f6389971b2f60ef425d4d98a1ab85b9945e31a41e2fe9ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 30760
last-modified: Tue, 29 Nov 2022 01:30:15 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTBmsZypYBAiW70R4Jc8Exn9mNPWBOSUiusOrpKfQHnKYpBg2af7Xi%2FCnEMdt5MfdZcouwy3YWo6zok4oLK9qVKcRNPsporMXBkdr46srPlUWWI55fyuKp1Zd%2Fe8IGtDeJOfetuZcQIeI9pwsR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e3e1a68999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2022/11/1669685415.0137.gif
date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ Frame 86F7 88 KB
28 KB 75ms
42ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 365615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27990
last-modified: Fri, 26 Aug 2022 18:34:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63091225-6d56"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsMsHjvMIk%2FKjYXq%2BDRbsTFgaanilhMgRc72gJe1ZkISQM6xfU%2F3pQPWgitr5SUGvKeErdigIdrOj1Sgmt3NvS4DRCAyjr8pkc8CoRkpTLqV3%2BH6HE1uSq4upOyz2ze3VA07SsZIn13K%2BT1H1hS%2FXTSf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82fb4e3c5eb535ab-WAW
expires: Fri, 22 Nov 2024 11:00:23 GMT

GET
H3 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ Frame 86F7 42 KB
10 KB 97ms
73ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 444073
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9283
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-a76f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BYTENs4cqjvTSEObGB4vXJXdo2tGvHya1S6lW%2BUsolk1V%2Bj%2FP6M6mt0l6phi%2F1GMLnmWOtEnpey%2Bl6EifMRem5GdT7k7xBF0AnPbXelJdeeIZNcu2Bmoal3nnfCKAxIyO5QAF2NKnKNaaOEGoiaygmy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82fb4e3c5eb635ab-WAW
expires: Fri, 22 Nov 2024 11:00:23 GMT

GET
H2 200 jquery-3.5.1.slim.min.js Show response
code.jquery.com/ Frame 86F7 71 KB
24 KB 150ms
46ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.slim.min.js
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

Referer: https://ml.oxra.com.tw/
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4072811
x-cache: HIT, HIT
content-length: 24606
x-served-by: cache-lga21954-LGA, cache-fra-eddf8230139-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1701601223.184438,VS0,VE0
etag: W/"28feccc0-11abc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 55, 142025

GET
H2 200 bootstrap.bundle.min.js Show response
unpkg.com/bootstrap@4.5.3/dist/js/ Frame 86F7 82 KB
22 KB 99ms
43ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ml.oxra.com.tw/
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 267865
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGFNXFHVPQRPSX8KPHMFFJEH-waw
server: cloudflare
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82fb4e3c88a63578-WAW

GET
H2 200 vue.global.prod.js Show response
unpkg.com/vue@3.2.26/dist/ Frame 86F7 124 KB
48 KB 121ms
52ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue@3.2.26/dist/vue.global.prod.js

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea457f0a12915cc9612ecc2a0c085b16c5cf8af109f1be1c7fcc358a9d52fbc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 373116
last-modified: Sun, 12 Dec 2021 07:02:30 GMT
fly-request-id: 01HGCHHNKMGAQFR49VDXQQW4GR-waw
server: cloudflare
etag: W/"1f036-LNt2RAJtpQz3fWavx+ri3EDtwx0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82fb4e3cab20c01c-WAW

GET
H3 200 chunk.slider.js Show response
heho.com.tw/wp-content/themes/flatsome/assets/js/ 49 KB
13 KB 334ms
334ms Script
application/javascript 34.149.230.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.18.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/wp-content/themes/flatsome/assets/js/flatsome.js?ver=be4456ec53c49e21f6f3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: bec887feaec684bbc55998c457617df16605234f032386cd8068ad2dc8964a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13382
expires: max-age=2592000, public

GET
H3

200

0815-%e6%84%9f%e5%86%92_%e6%b5%81%e6%84%9f_%e8%97%a5%e7%89%a9.png
img.heho.com.tw/wp-content/uploads/2019/08/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2019/08/0815-%E6%84%9F%E5%86%92_%E6%B5%81%E6%84%9F_%E8%97%A5%E7%89%A9.png
https://img.heho.com.tw/wp-content/uploads/2019/08/0815-%e6%84%9f%e5%86%92_%e6%b5%81%e6%84%9f_%e8%97%a5%e7%89%a9.png

285 KB
285 KB

819ms
819ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2019/08/0815-%e6%84%9f%e5%86%92_%e6%b5%81%e6%84%9f_%e8%97%a5%e7%89%a9.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 821efb9b0f85eb5ed3903a73c7d5a71b997661f4daae99e3a13cbade1518d356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 291475
last-modified: Thu, 27 Aug 2020 06:41:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SNwBWlA8H2%2BAcizBgVe72BIZC5YpGFnUBKJZ7RWs6z%2BEc1N%2BSXn%2BLysRf6jJkycU36yJPDx60HhFfQRlX6QEXKRKePniC7Z7yYiaztY0f6buHoTlVmpsmXJThGzCiWuRlbgb0EA5pjbQPG0Fig%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e3e1a82999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2019/08/0815-%e6%84%9f%e5%86%92_%e6%b5%81%e6%84%9f_%e8%97%a5%e7%89%a9.png
date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 402
content-type: text/html; charset=iso-8859-1

GET
H3

200

1632648310.439.jpg
img.heho.com.tw/wp-content/uploads/2021/09/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2021/09/1632648310.439.jpg
https://img.heho.com.tw/wp-content/uploads/2021/09/1632648310.439.jpg

134 KB
135 KB

47ms
47ms

Image
image/jpeg

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2021/09/1632648310.439.jpg
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9cd7546cdd1365d5d2e766c8a4a8c20c180beff5d8765e12e20da8fa208a1c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1191
alt-svc: h3=":443"; ma=86400
content-length: 137384
last-modified: Sun, 26 Sep 2021 09:25:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkMlgNDRdEjNm7Vl14h%2B7ufP1MnQMvpltmi35USHsaFlcOJBdS077y1bIIhyvvI2wZ40WhMejYRyWpc3A3uFHGkssXX9RXyEjSSCXtqU6ch2ir04fQuBDpgu%2BDDXaFKJ%2BsZJFFKI98EL2xZnwOA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e3e1a6a999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2021/09/1632648310.439.jpg
date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 355
content-type: text/html; charset=iso-8859-1

GET
H3

200

861a14b42c64370b7f69d638738eb289.jpg
img.heho.com.tw/wp-content/uploads/2020/09/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2020/09/861a14b42c64370b7f69d638738eb289.jpg
https://img.heho.com.tw/wp-content/uploads/2020/09/861a14b42c64370b7f69d638738eb289.jpg

174 KB
175 KB

828ms
828ms

Image
image/jpeg

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2020/09/861a14b42c64370b7f69d638738eb289.jpg
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68c6f2b56db50efe9ee121bb0705283af79881d6fcb848a4e5674dd287344c31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 178627
last-modified: Thu, 03 Sep 2020 04:40:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hyjg0kYazgrE2J%2BSwzWervZB52TRu14jRJMPUuM77BOkUYUeUmgXupdPrXR7LZqQRTDypPKfRmihfDt6RM0H0D8XNZBrtfPX3P4ZTqiwkNH5%2FVhM8yoTBCP8Bjg6BP1WM07WeXPU%2BNkNxd39ijg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e3e2a8e999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2020/09/861a14b42c64370b7f69d638738eb289.jpg
date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 373
content-type: text/html; charset=iso-8859-1

GET
H3

200

190805-%e4%b8%ad%e8%97%a5%e8%8c%b6.png
img.heho.com.tw/wp-content/uploads/2019/08/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2019/08/190805-%E4%B8%AD%E8%97%A5%E8%8C%B6.png
https://img.heho.com.tw/wp-content/uploads/2019/08/190805-%e4%b8%ad%e8%97%a5%e8%8c%b6.png

318 KB
319 KB

747ms
747ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2019/08/190805-%e4%b8%ad%e8%97%a5%e8%8c%b6.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af9ec9a489ec63fe87954ad25bdedfa650743358a7d4046d1bef5767270a88f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 326021
last-modified: Thu, 27 Aug 2020 06:41:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31t0%2FpkWQqi7SRtDGPnJLbBYzIjE7WH6VuZGNSusMpR9A97%2BUy2uD3SPEa47iHDQ5ThQlMmllkaphXuU7Yc1dMeoZmmXcnoyE6zdA6o39ZeNKxursjLG5jYnfcul%2B5wT3DcpdX6r4U0kPGcuNms%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e3e1a84999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2019/08/190805-%e4%b8%ad%e8%97%a5%e8%8c%b6.png
date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
content-type: text/html; charset=iso-8859-1

GET
H3

200

1701422916.4307.png
img.heho.com.tw/wp-content/uploads/2023/12/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/12/1701422916.4307.png
https://img.heho.com.tw/wp-content/uploads/2023/12/1701422916.4307.png

234 KB
234 KB

1032ms
1032ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/12/1701422916.4307.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd39c5117fc14e408f4883b137ec8818042ce300d8783c0c34518732fb461303

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 239130
last-modified: Fri, 01 Dec 2023 09:28:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uECDwFhVvDvvCGludiDDfF04Xcru2H6JpbREDliauCh4arN1mGkj6iFDmWrUGIJqJPkEFSUxLsgB0hSoCFClsizw53AIGx%2F%2BWFRmOaui7wcm19EDIAB11BBndKHDRpa9vpt6Mw0WWYNDrMB6y%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e3e1a70999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/12/1701422916.4307.png
date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1697531486.0167.png
img.heho.com.tw/wp-content/uploads/2023/10/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/10/1697531486.0167.png
https://img.heho.com.tw/wp-content/uploads/2023/10/1697531486.0167.png

142 KB
143 KB

636ms
635ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/10/1697531486.0167.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aaa699bffde59485dd19fa60a333645a0e56425bf560e2c42b54938bbb286687

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 145916
last-modified: Tue, 17 Oct 2023 08:31:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtIn%2BCWcxEbrg0fDaeN8fRSBEfir6erJwCkH2C7Rd5glYtxb4qwcTwLZLk6YfHinnghq%2B1MTKz3cyFCLspCmAE7hNJHGQVzgzsdIe46UHkGV3k5hAGYhSsSHxsrVoFj7LeX0yjYQeTe0%2FR4zT90%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e3e1a6c999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/10/1697531486.0167.png
date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1688032217.0993.png
img.heho.com.tw/wp-content/uploads/2023/06/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/06/1688032217.0993.png
https://img.heho.com.tw/wp-content/uploads/2023/06/1688032217.0993.png

162 KB
162 KB

1090ms
1090ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/06/1688032217.0993.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 589ee426ccb7b86d8643b16efc0acbd99cb9590e1237cbbb694eba36efac28e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 165376
last-modified: Thu, 29 Jun 2023 09:50:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nP39UkV4WcckxqeZaOEhcbUOVFJh4bDxEmuQLttnooLS%2BlC18%2FOIB85Jthk3UkyDiGPr%2BPw33eeba4vlvy7jCOzFFAd69JAWapEJLHByw7HvGhjLmDQtyIOF%2B9EVReejI%2FYexNZipm1KtWq5dCI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e3e1a6e999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/06/1688032217.0993.png
date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3 200 1685591982.4705.png
img.heho.com.tw/wp-content/uploads/2023/06/ 143 KB
144 KB 771ms
770ms Image
image/png 2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/06/1685591982.4705.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd37899aca2011cdf18276fe93b568460f41a8a9aa4af0dedae29e28e0f7cc8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 146514
last-modified: Thu, 01 Jun 2023 03:59:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOUT8ELC%2BUK%2FBi18iAp9fuibrKSV%2B3%2By%2FQ19wLiAzQTdQzD6JeSi2CS0%2BA%2BFg5WkzcpRzlXl9AR2QRSK3SZUuW87tuUF6C9dgL2jeGr4fUi%2FoD%2BOXUKikCwlYxgndo3goHppW%2F3WhpNrNbkQRxA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e3c48a1999c-CDG
expires: max-age=2592000, public

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 94D3 59 KB
33 KB 104ms
103ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfH-N0mAAAAAFbl_1iN5mLWRSOGn_wdfGEDt4cE&co=aHR0cHM6Ly9oZWhvLmNvbS50dzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=t6byv9a1kpgn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a5b81e95b3a4dbbbfd469024ac03cc25662c626c787cc0d3808adc2868bd0dbe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-42nqdEWvA1d4YaU9_MJ3kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-42nqdEWvA1d4YaU9_MJ3kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 11:00:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ajax-loader.gif
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ Frame 86F7 4 KB
4 KB 38ms
38ms Image
image/gif 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ajax-loader.gif

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1492097
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3208
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-1052"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agQockvOtI0J7iOwiUSfTIr4XNPC0OsimGrhLqPbgQ%2BpjyV1mz7QBzXaG0MKoDqb6gKi7BByGBYU3IorR3ffLHsU29LvEzeRiVTp8qUVFiP1s%2Bk9YP2kQXYgj3qs8w8Z4kGeF8EgbfpchmhrMRNbaPqT"}],"group":"cf-nel","max_age":604800}
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82fb4e3d0c02bf6f-WAW
expires: Fri, 22 Nov 2024 11:00:23 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 94D3 55 KB
24 KB 73ms
72ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfH-N0mAAAAAFbl_1iN5mLWRSOGn_wdfGEDt4cE&co=aHR0cHM6Ly9oZWhvLmNvbS50dzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=t6byv9a1kpgn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 06:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 06:36:24 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 94D3 468 KB
188 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 22:06:13 GMT

GET
H2 200 m=sy1h,vGOnYd,sy8,syh,IZT63,syu,vfuNJf,MpJwZc,n73qwf,sy13,ws9Tlc,syb,syj,syi,sy15,sy1c,sy1a,sy1b,siKnQd,T8YtQb,sym,syp,syq,syr,sy1k,syw,sy18,sy1r,sy1u,V3dDOb,sy2i,sy2j,sy4l,sy4h,sy4j,sy4g,sy4k,OShp... Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=0/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/ Frame 603E 586 KB
190 KB 78ms
77ms XHR
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=0/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/m=sy1h,vGOnYd,sy8,syh,IZT63,syu,vfuNJf,MpJwZc,n73qwf,sy13,ws9Tlc,syb,syj,syi,sy15,sy1c,sy1a,sy1b,siKnQd,T8YtQb,sym,syp,syq,syr,sy1k,syw,sy18,sy1r,sy1u,V3dDOb,sy2i,sy2j,sy4l,sy4h,sy4j,sy4g,sy4k,OShpD,sy4i,sy4o,sy4p,sy4n,sy4m,sy4q,J8mJTc,gkf10d,j2YlP,syz,sy17,sy9,syc,syg,syo,sys,cEt90b,KUM7Z,yxTchf,sy14,sy16,xQtZb,qddgKe,wR5FRb,pXdRYb,iFQyKf,syk,sy7,syl,YNjGDd,syn,syt,PrPYRd,syv,syx,hc6Ubd,sy1e,SpsfSb,dIoSBb,sy1f,sy1g,zbML3c,zr1jrb,EmZ2Bf,sy19,Uas9Hd,sy69,WO9ee,sy1j,sy1n,sy1o,sy1d,sy1p,sy1s,sy1t,A4UTCb,sy6u,owcnme,UUJqVe,CP1oW,sy22,sy21,sy1w,sy20,sy1y,sy1z,sy23,pxq3x,sy1m,O6y8ed,sy4y,sy50,sy5o,Sk9apb,sy4u,sy7n,sy7p,sy5w,sy7o,sy7q,sy7r,sy7s,Xhpexc,Q91hve,sy4s,sy5t,sy5u,sy5v,sy5x,sy5s,mRfQQ,sy7u,sy7t,CFa0o,szrus,sy1l,sy1x,VXdfxd,syd,sy11,sy2m,sy5,sy12,sy2l,s39S4,sy25,ENNBBf,L1AAkb,QvB8bb,bCfhJc,sy4x,sy4v,u9ZRK,pItcJd,yZuGp,aW3pY,mvo1oc,sy4,sy3g,sy3h,sy1v,sy3i,sy4e,I6YDgd,sy29,sy28,sy2a,sy2b,sy2g,sy1i,sy24,sy26,sy2c,sy2d,sy2e,sy2f,fgj8Rb,sy27,N5Lqpc,IvDHfc,sy53,p2tbsc,sy54,sy68,LxALBf,sy2o,sy6v,sy2w,sy2y,sy6y,sy34,sy31,sy3o,sy6w,qNG0Fc,sy6z,sy71,sy2p,i5dxUd,sy39,sy3b,ywOR5c,sy73,sy77,sy3s,EcW08c,wg1P6b,sy70,sy72,sy74,sy75,sy76,t8tqF,SM1lmd,sy7b,sy6a,sy6d,sy79,sy7a,sy7c,vofJp,Vnjw0c,QwQO1b,sy52,sy67,sy66,sy4z,sy65,QMSdQb,X16vkb,WdhPgc,JCrucd,sy7l,sy7k,sy7m,Ibqgte,ok0nye,DhgO0d,oZECf,sy2k,akEJMc,zG2TEe,fvFQfe,CNqcN,sbHRWb,sy7v,TOfxwf,sy2n,sy3a,sy80,sy5z,sy62,sy7x,sy81,sy82,sy85,sy89,sy8f,sy8g,A2m8uc,jjSbr,sy7j,sy8b,sy8d,sy8a,sy5n,riEgMd,sy8e,lSvzH,sy7w,yUS4Lc,v4y9Mc,KOZzeb,sy5a,sy5c,sy5d,sy5b,xKXrob,sy57,sy5l,sy61,sy63,sy64,DPwS9e,lWjoT,sW52Ae,sy7y,sy84,sy86,sy83,RGrRJf,OkF2xb,syf,sy58,sy5y,xmYr4,ID6c7,sy8h,rmdjlf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=1/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/m=viewer_base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23e4a995297af6d7e3abf5dc3212a2390efd61c55e15aced428ed4508654fe47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 194099
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 17:28:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-forms"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://docs.google.com
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 22:41:54 GMT

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
291 B 346ms
116ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://heho.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://heho.com.tw
Date: Sun, 03 Dec 2023 11:00:23 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 13584189264219646808
tpc.googlesyndication.com/simgad/ Frame 0368 36 KB
36 KB 325ms
167ms Image
image/gif 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13584189264219646808

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1653759563&adf=1460166357&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=292&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb3784f1997c28bfbb36eb06ad663cb1d9fdf53a5c849fbe500acfdc4c11b1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 14:32:08 GMT
x-content-type-options: nosniff
age: 246495
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36922
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 12:13:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 14:32:08 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 0368 24 KB
9 KB 239ms
85ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 82E5 143 B
166 B 73ms
73ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1653759563&adf=1460166357&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=292&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=294
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 10:31:35 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0368 3 KB
1 KB 237ms
84ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0F63 1 KB
643 B 77ms
77ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Mon, 04 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0368 20 KB
9 KB 224ms
74ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0368 0
0 83ms
82ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZYts1fFRW_9Ff06L02-OOaM3mRMWKYIF-gAPSiH4myeCJqyeaDDj75BQjMjzx2DXaho2KSWlw1dEHpXSOVgMWoF8QQQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1653759563&adf=1460166357&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=292&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=294
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0368 202 KB
64 KB 273ms
116ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 11:00:23 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0368 36 KB
15 KB 293ms
147ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 11:56:04 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 94D3 2 KB
2 KB 74ms
73ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:21:55 GMT
x-content-type-options: nosniff
age: 167908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 08 Dec 2023 12:21:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 94D3 15 KB
15 KB 235ms
76ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 214407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 94D3 15 KB
15 KB 256ms
98ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 309536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:01:27 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 94D3 102 B
135 B 87ms
87ms Other
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfH-N0mAAAAAFbl_1iN5mLWRSOGn_wdfGEDt4cE&co=aHR0cHM6Ly9oZWhvLmNvbS50dzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=t6byv9a1kpgn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 03 Dec 2023 11:00:23 GMT

GET
H3 200 m=sy7z,sWGJ4b,sy5f,sy5g,sy6f,sy6g,sy6h,EGNJFf,iSvg6e,sy6i,uY3Nvd Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=0/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/ Frame 603E 22 KB
8 KB 76ms
76ms XHR
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=0/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/m=sy7z,sWGJ4b,sy5f,sy5g,sy6f,sy6g,sy6h,EGNJFf,iSvg6e,sy6i,uY3Nvd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=1/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/m=viewer_base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a535ba09ab809d987eb451502fe1d911ed8959328eaa381ee0bcbeaded320c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:44:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7980
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 17:28:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-forms"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://docs.google.com
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 07:44:33 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 252ms
85ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://docs.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://docs.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 03 Dec 2023 11:00:23 GMT
expires: Sun, 03 Dec 2023 11:00:23 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 603E 131 B
155 B 248ms
102ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=1/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/m=viewer_base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 11:00:23 GMT

POST
H2 204 naLogImpressions Show response
docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/ Frame 603E 0
209 B 417ms
417ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/naLogImpressions

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=1/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/m=viewer_base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-x_3yHu59jnp_A--6Bb1Eog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'

Request headers

X-Same-Domain: 1
Referer: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-x_3yHu59jnp_A--6Bb1Eog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5GxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 603E 2 KB
2 KB 143ms
75ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5GxK.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00994f426cdca41eb2fbd87b0f3610e37acb3d641b4297a5cfa3e969cd95ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:14:58 GMT
x-content-type-options: nosniff
age: 121525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1756
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 01:14:58 GMT

POST
H2 200 getmetadata Show response
docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/font/ Frame 603E 514 KB
13 KB 500ms
500ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/font/getmetadata

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=1/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/m=viewer_base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a4caf0e36dd19c395a07167bc67d8f38c73263c10ff786db363c5f0b5c8c7abe

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Same-Domain: 1
Referer: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0F63
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENqBvHCDg3cbWuhH60Uo04E&google_cver=1&google_push=AXcoOmSB4fM3RY_xqYTcDtnKzMUvYV6SBJl66ys1QkdK2OnOyE7u1CWQOXNkDxQlPQonlLmkw3bs-iM15eXyQPjQznGJW9GF5qfbI...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODQ2NzkyODg4MDg5MjE2Nzg1OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENUh5uYGR0WK_NdccoX2zFM&google_cver=1

43 B
398 B

64ms
32ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENUh5uYGR0WK_NdccoX2zFM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1653759563&adf=1460166357&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=292&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=294
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENUh5uYGR0WK_NdccoX2zFM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0F63 0
104 B 191ms
106ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEHQTuTjFMRtjhS_NF8aegE&google_cver=1&google_push=AXcoOmQQ23Hpdre5GRW6JggL0oUbTf6_HJ9sLzu16DKGV-kLbHnVrCvwEeP2vQDGw9OrQq7-BwFnB445kDdBbKIb-XKxg_i4cH2PXcWmEUfnBMC-1V35aMbJVDQ69cBCZcHi_RDCqZ1Ggn8YgIvhEIDobIAvLZI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1653759563&adf=1460166357&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=292&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=294
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 0F63
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMu32Gpl-npUHDMTmwD3L90&google_cver=1&google_push=AXcoOmQkJAp1V_mTouJzZ9q70jntNBzLe83qj7lursThsPC0jpL3LVzauHMX6JD_SoEutUobvEgLqCwWC8FWKaUBYT8RYH75eBJjz...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMu32Gpl-npUHDMTmwD3L90&google_cver=1&google_push=AXcoOmQkJAp1V_mTouJzZ9q70jntNBzLe83qj7lursThsPC0jpL3LVzauHMX6JD_SoEutUobvEgLqCwWC8FWKaUBYT8RYH75eBJ...

43 B
420 B

213ms
206ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMu32Gpl-npUHDMTmwD3L90&google_cver=1&google_push=AXcoOmQkJAp1V_mTouJzZ9q70jntNBzLe83qj7lursThsPC0jpL3LVzauHMX6JD_SoEutUobvEgLqCwWC8FWKaUBYT8RYH75eBJjzgPQQ_E-UDARuaxCvxC3ZJIkgomy9KNyFiKDy6T5n4NVvGiv36avOKwS9HI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQkJAp1V_mTouJzZ9q70jntNBzLe83qj7lursThsPC0jpL3LVzauHMX6JD_SoEutUobvEgLqCwWC8FWKaUBYT8RYH75eBJjzgPQQ_E-UDARuaxCvxC3ZJIkgomy9KNyFiKDy6T5n4NVvGiv36avOKwS9HI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82fb4e40882bbfb4-WAW
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 246
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMu32Gpl-npUHDMTmwD3L90&google_cver=1&google_push=AXcoOmQkJAp1V_mTouJzZ9q70jntNBzLe83qj7lursThsPC0jpL3LVzauHMX6JD_SoEutUobvEgLqCwWC8FWKaUBYT8RYH75eBJjzgPQQ_E-UDARuaxCvxC3ZJIkgomy9KNyFiKDy6T5n4NVvGiv36avOKwS9HI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQkJAp1V_mTouJzZ9q70jntNBzLe83qj7lursThsPC0jpL3LVzauHMX6JD_SoEutUobvEgLqCwWC8FWKaUBYT8RYH75eBJjzgPQQ_E-UDARuaxCvxC3ZJIkgomy9KNyFiKDy6T5n4NVvGiv36avOKwS9HI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82fb4e3f3e45bfb4-WAW
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0F63
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENZifkp4VtxF-i6RgzQn0Nc&google_push=AXcoOmSOs8i2PyP88mp8nULTz7ontZ8wBDNHSlEYKYVl1GxDRwd7X3VVL7...

170 B
232 B

70ms
66ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENZifkp4VtxF-i6RgzQn0Nc&google_push=AXcoOmSOs8i2PyP88mp8nULTz7ontZ8wBDNHSlEYKYVl1GxDRwd7X3VVL7FDb0vhM1vI-s-HLF5iTi-s8WZ6_xye9ro7o8hcxxIB0pTohw6XhgmgTSK3oj5aXp_qs1uTqcGQMbptKIvhJxqBFE_Q5tLKD0VrPGk

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230121-FRA
pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701601224.563202,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENZifkp4VtxF-i6RgzQn0Nc&google_push=AXcoOmSOs8i2PyP88mp8nULTz7ontZ8wBDNHSlEYKYVl1GxDRwd7X3VVL7FDb0vhM1vI-s-HLF5iTi-s8WZ6_xye9ro7o8hcxxIB0pTohw6XhgmgTSK3oj5aXp_qs1uTqcGQMbptKIvhJxqBFE_Q5tLKD0VrPGk
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0F63
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBpw-PTQ2H_hfjrlFrctDaY&google_cver=1&google_push=AXcoOmSmzWJmullx_oDkjopbIR3KWm3p8T-ZnIsRaMwXj4gwrA3oLdweEGavusj6LjFjhVXIRJXaMwVLDnjY4kajXY_CwLjoICnXcv...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=46C41117691F4D168A58B311D7045365&google_push=AXcoOmSmzWJmullx_oDkjopbIR3KWm3p8T-ZnIsRaMwXj4gwrA3oLdweEGavusj6LjFjhVXIRJXaMwVLDnjY4ka...

170 B
232 B

89ms
68ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=46C41117691F4D168A58B311D7045365&google_push=AXcoOmSmzWJmullx_oDkjopbIR3KWm3p8T-ZnIsRaMwXj4gwrA3oLdweEGavusj6LjFjhVXIRJXaMwVLDnjY4kajXY_CwLjoICnXcvYU_dUfuNsLlpZyJ5mJ3YjNw7tymMEff-KAh1Rq8qTjxf93doOEhSY4LLc

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Dec 2023 11:00:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=46C41117691F4D168A58B311D7045365&google_push=AXcoOmSmzWJmullx_oDkjopbIR3KWm3p8T-ZnIsRaMwXj4gwrA3oLdweEGavusj6LjFjhVXIRJXaMwVLDnjY4kajXY_CwLjoICnXcvYU_dUfuNsLlpZyJ5mJ3YjNw7tymMEff-KAh1Rq8qTjxf93doOEhSY4LLc
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 02 Dec 2023 11:00:23 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0F63
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHE40jI696wUbh5rIKetpXE&google_cver=1&google_push=AXcoOmQM0x92Z3PToUnAiFws6GnFP8JAj0KrVtJMNf_QmJ3QD-eLvqVtZzvAKw7beLSHJlwaLhZWeIPAnHTwpsiA...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Mg67TMZiTVIQOylj6Y-TdQ&google_push=AXcoOmQM0x92Z3PToUnAiFws6GnFP8JAj0KrVtJMNf_QmJ3QD-eLvqVtZzvAKw7beLSHJlwaLhZWeIPAnHTwpsiAUS2M7eGOUvOFC_s...

170 B
329 B

99ms
67ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Mg67TMZiTVIQOylj6Y-TdQ&google_push=AXcoOmQM0x92Z3PToUnAiFws6GnFP8JAj0KrVtJMNf_QmJ3QD-eLvqVtZzvAKw7beLSHJlwaLhZWeIPAnHTwpsiAUS2M7eGOUvOFC_sGZTZujNRqAwJHnzcMSh_F9qAvttx6ubACFt1kYJTNELi9PHWRZBTunq4

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Mg67TMZiTVIQOylj6Y-TdQ&google_push=AXcoOmQM0x92Z3PToUnAiFws6GnFP8JAj0KrVtJMNf_QmJ3QD-eLvqVtZzvAKw7beLSHJlwaLhZWeIPAnHTwpsiAUS2M7eGOUvOFC_sGZTZujNRqAwJHnzcMSh_F9qAvttx6ubACFt1kYJTNELi9PHWRZBTunq4
x-host: tde-deliveryengine-production-6987bbc57b-x79x7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 0F63 43 B
146 B 190ms
29ms Image
image/gif 18.184.108.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESED8VhDnvrM8Ttm3ftLMGSwo&google_cver=1&google_push=AXcoOmT2-xQO2sfy-8Ca8pQEya-ejUmT79dRsL_nK-rN-di8_EmGNpKFfaWbJgozYGSez9zGhQ_uox1M7K8_jADl7BbymwuuWOsQqEzrCT6TCSkN7oL1mKtwFf6b0ZsYCpbZ97gP0eEJ7TKKwgDYjTA0qvQqWg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1653759563&adf=1460166357&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=292&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=294
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.108.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-108-41.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0F63 0
139 B 202ms
66ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lc_9SvIC6zVUg0wBMxgSwuM7WnylIlMQaXO4IcrDvI5TTwGRx3cJZaPZNXRmH9Jzfrmu7v

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST collect
v.clarity.ms/ 0
0

POST
H/1.1 204
No Content collect
v.clarity.ms/ 0
291 B 346ms
116ms Ping
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heho.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://heho.com.tw
Date: Sun, 03 Dec 2023 11:00:23 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 css
fonts.googleapis.com/ Frame 41F6 4 KB
751 B 87ms
86ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=5043471010&adk=2909568660&adf=3004921553&pi=t.ma~as.5043471010&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222323&bpp=3&bdt=1237&idt=279&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&correlator=3496873869080&frm=20&pv=2&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=288

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 11:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 10:55:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 11:00:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 41F6 2 KB
874 B 174ms
173ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 41F6 24 KB
9 KB 163ms
162ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 41F6 3 KB
1 KB 172ms
171ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 41F6 20 KB
8 KB 165ms
164ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 41F6 202 KB
64 KB 196ms
195ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 11:00:23 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 41F6 37 KB
15 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 10:09:15 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 82E5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

83ms
82ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 11:00:23 GMT
expires: Sun, 03 Dec 2023 11:00:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 11:00:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame D01A 2 KB
855 B 159ms
158ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame D01A 24 KB
9 KB 160ms
158ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame D01A 3 KB
1 KB 178ms
178ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame D01A 20 KB
8 KB 149ms
147ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D01A 0
0 84ms
84ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAUx1EDbKpzGzZmCaLpn_VNIPjTwUqdut9NRfJjz87FUYOeMRhl5pjDRYCLyehUyAE243BFBfIX4F9Clm1HP_sZDQZuw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D01A 202 KB
64 KB 242ms
241ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 11:00:23 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame D01A 37 KB
15 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 10:09:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6AD6 1 KB
643 B 78ms
77ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Mon, 04 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/13254983347033776869/ Frame 41F6 36 KB
36 KB 172ms
171ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13254983347033776869/6592766407814317453

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7225a083dd0c1d116bcc0e37375df8059d578b5bc6ccaa7522353dc3d803fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 05:35:07 GMT
x-content-type-options: nosniff
age: 105916
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37004
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 12:07:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 05:35:07 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1258490087537418914/ Frame 41F6 1 KB
2 KB 171ms
170ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1258490087537418914/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86d3787dfcab7706fefb343471c30af045cb274fe2b31203f16dbf4df1a393b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:32:23 GMT
x-content-type-options: nosniff
age: 214080
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1440
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 08:29:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 23:32:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FCB8 1 KB
643 B 78ms
77ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Mon, 04 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame D01A 28 KB
28 KB 238ms
79ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRk097F23g6c9FYbptlhwhRqSxFIMrC-_K_c3f7PIPXtCRxd5_eNIq0rwI36_4&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9166139867849f520e589e2539331b7a59c0e2bd96b52c277d15461643b2ce9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 21:17:07 GMT
x-content-type-options: nosniff
age: 222196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28277
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 04:22:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 29 Nov 2024 21:17:07 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame D01A 32 KB
32 KB 354ms
195ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQU08JUZL7O4yAPEwaI_BIYOWj61Q0GpsELpL18gpOSzKwxhBTok4rsF42xrLQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d695e62a2f6236c29b6140648edf58d03a448cf69444431114dfcb8db866b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:43:11 GMT
x-content-type-options: nosniff
age: 94632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32979
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 04:04:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 01 Dec 2024 08:43:11 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame D01A 28 KB
29 KB 237ms
79ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRfL3rq18n9KAN47vssaSeXbg26Mozm1-W6w1Bzr-JaWh1R5xoxY-M_wbNvJg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

628c59f981225e7474edcf942e8ee8cccb89278b83750e4c8006aa75d7f9dc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 14:25:31 GMT
x-content-type-options: nosniff
age: 246892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28680
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 08:02:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 29 Nov 2024 14:25:31 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame D01A 20 KB
21 KB 318ms
160ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT1on8nr15ZCDSX0uOFs4dodWTUqkjub1aRqg_OdrbMkkTgg4275-VhPPTrASY&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220bb5d720f88a8aeb5ebf4549d8338fd6df4ef57a542c538479349f7d996dfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:04:25 GMT
x-content-type-options: nosniff
age: 309358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20950
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 07:43:44 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 28 Nov 2024 21:04:25 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame D01A 19 KB
20 KB 234ms
76ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQC21pg6-ou2qV7vmW3SKpXIsF4A7C5P8IZb9tHa905MLIFfYzV3mU0VguTsQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82b91c403bb4593185c877340c69d6b279f57903e9ebeffac57536b748058d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:39 GMT
x-content-type-options: nosniff
age: 323384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19478
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 05:18:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 28 Nov 2024 17:10:39 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame D01A 31 KB
31 KB 260ms
102ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRvh6RJcbfz-4E-x3jwRjYAREwpxNF5MYdK2A52ChLqp3BBnUZ1MSQCXJX1cQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23d3e2a2f611d4701ccd7472e8a00b46cc96a86cdc7acf1c610140aa6a013a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:04 GMT
x-content-type-options: nosniff
age: 256699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31669
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 03:23:19 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 29 Nov 2024 11:42:04 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame D01A 29 KB
29 KB 351ms
193ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSueLvUffqKeCopSVs-RKGI7-7E9bnkKIM5iTxer1liYk_Mm3yE4MR5_lEh2A&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c201bc004adfc1a633af5632f87f33e1656cb4f457f95ba5a5a84f0b57088d3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:47:35 GMT
x-content-type-options: nosniff
age: 130368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29349
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 06:50:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 30 Nov 2024 22:47:35 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame D01A 21 KB
21 KB 317ms
160ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTo9TGtAKs0zCYZx4FJ-dmXRfhad31xYpWpxnKe8S-l2nmPgdxGHQumyBEErj4&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dff004fc8dbe923a119063d7496d6fdaff1a25b66fbf9f8be3d0a9eeac0aaca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 00:18:19 GMT
x-content-type-options: nosniff
age: 211324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21243
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 06:09:00 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 30 Nov 2024 00:18:19 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame D01A 25 KB
25 KB 399ms
242ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTDRJixuvDZ602edFKVIU36ZxHCps8HV_vBqbWjPA6I71vEcs7dn3WDTdcyKO0&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32b9e0ecfe714f58dd623394ec5ee9ad6f4bb906c21ca6cbe492d08a5e460243

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 21:49:59 GMT
x-content-type-options: nosniff
age: 220224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25370
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 07:50:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 29 Nov 2024 21:49:59 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame D01A 25 KB
25 KB 253ms
77ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcS6eik1skU4gwC33zwoM7_ZJaAEhw-XwRuIQuE7CrsPT9cxiNgG3T9gYiT0rQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e33b1e51ac94e9b191c6acd93da44002ea1e185dba1c51fdbdf376a96a983588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:48:08 GMT
x-content-type-options: nosniff
age: 79935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25320
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 04:47:33 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 01 Dec 2024 12:48:08 GMT

GET
H3

200

7867982516943128514
tpc.googlesyndication.com/simgad/ Frame D01A
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODgyeLVIBCwCBiwCDIIOb8Ght5mQhk
https://tpc.googlesyndication.com/simgad/7867982516943128514

171 KB
171 KB

84ms
84ms

Image
image/jpeg

2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7867982516943128514

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0936663800d5b0b15c55119b7233550b490d21dc962d8947da9bb55d11d38f02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:04:43 GMT
x-content-type-options: nosniff
age: 78940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175070
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 16:12:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 13:04:43 GMT

Redirect headers

date: Sat, 02 Dec 2023 21:04:57 GMT
x-content-type-options: nosniff
server: cafe
age: 50126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/7867982516943128514
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 2024 21:04:57 GMT

GET heho.com.tw
ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/ Frame 938D 0
0

GET heho.com.tw
ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/ Frame 5ACA 0
0

GET
H2 200 heho.com.tw Show response
ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/ Frame 9F36 7 KB
3 KB 361ms
360ms Document
text/html 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6f8f0d78c296031efe8b806ec25620e2b7c71b5c29d6ee877f593089b882179e

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, OPTIONS
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 03 Dec 2023 11:00:23 GMT
etag: W/"1c84-Ugyr3QzBMO9hr9KlVTxfLBwMfl0"
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 heho.com.tw Show response
ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/ Frame 5AD0 7 KB
3 KB 341ms
338ms Document
text/html 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e47bf91c742fd9e32778e42257cde54b553f152cb5cc3a19eab97a8cad238c2c

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, OPTIONS
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 03 Dec 2023 11:00:23 GMT
etag: W/"1c6b-b54e87YrLxgjF1sniEkjW8JQS7M"
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 6AD6 0
103 B 32ms
30ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDW4uYiF3WJB-qCeMMX2cbE&google_cver=1&google_push=AXcoOmQKrZR_yYCCb21qGBaXlvtxIzXtcNUazH6ZH-SnQSrswrFBEDf9F2ffh47D9Sd6SnqTZE9gGq7MHbDCSEG8i-p3JFTGx8RexLjsmJPhGVqoriZ-bvbu053US1DYJj9FHlMyDLyjpNPtNr-AYmjKrfRBN7E
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=5043471010&adk=2909568660&adf=3004921553&pi=t.ma~as.5043471010&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222323&bpp=3&bdt=1237&idt=279&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&correlator=3496873869080&frm=20&pv=2&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=288
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 6AD6
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJJy7UgjSRyjT8uF_Y5rV0A&google_cver=1&google_push=AXcoOmSat4KG2cZSwN0Mi9sTlY9Dw0b5W6pJ100t41J3kDmFRHkcdfD4b6uoS-PXobKuG-EfnOTKCxKQ2qazcNZKtJfa9GqJxSD64...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJJy7UgjSRyjT8uF_Y5rV0A&google_cver=1&google_push=AXcoOmSat4KG2cZSwN0Mi9sTlY9Dw0b5W6pJ100t41J3kDmFRHkcdfD4b6uoS-PXobKuG-EfnOTKCxKQ2qazcNZKtJfa9GqJxSD...

43 B
521 B

221ms
221ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJJy7UgjSRyjT8uF_Y5rV0A&google_cver=1&google_push=AXcoOmSat4KG2cZSwN0Mi9sTlY9Dw0b5W6pJ100t41J3kDmFRHkcdfD4b6uoS-PXobKuG-EfnOTKCxKQ2qazcNZKtJfa9GqJxSD649OPslzzQ1AeFC3ou5p9ZyQhK200_nSNGRXIolyOuP_sM66fGt8zTkJSdBw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSat4KG2cZSwN0Mi9sTlY9Dw0b5W6pJ100t41J3kDmFRHkcdfD4b6uoS-PXobKuG-EfnOTKCxKQ2qazcNZKtJfa9GqJxSD649OPslzzQ1AeFC3ou5p9ZyQhK200_nSNGRXIolyOuP_sM66fGt8zTkJSdBw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:24 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82fb4e41498bbfb4-WAW
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 450
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJJy7UgjSRyjT8uF_Y5rV0A&google_cver=1&google_push=AXcoOmSat4KG2cZSwN0Mi9sTlY9Dw0b5W6pJ100t41J3kDmFRHkcdfD4b6uoS-PXobKuG-EfnOTKCxKQ2qazcNZKtJfa9GqJxSD649OPslzzQ1AeFC3ou5p9ZyQhK200_nSNGRXIolyOuP_sM66fGt8zTkJSdBw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSat4KG2cZSwN0Mi9sTlY9Dw0b5W6pJ100t41J3kDmFRHkcdfD4b6uoS-PXobKuG-EfnOTKCxKQ2qazcNZKtJfa9GqJxSD649OPslzzQ1AeFC3ou5p9ZyQhK200_nSNGRXIolyOuP_sM66fGt8zTkJSdBw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82fb4e3fef3abfb4-WAW
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6AD6 70 B
149 B 146ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMQbCWboqY6r8xuPO35k9DA&google_cver=1&google_push=AXcoOmSl-Ng5M5aymP61e8rutJBLN3eriBOEiVO9aSfBil9BC7aP_AclcUv1YN2KvA0pYtcPoWGowwoJhdJYKjI0Peqlzy3wVlASIP8xZzmsjwb6JXrBKp-XIUnIDbpSNaiM4lr0eEDUFzOM-Jow5Yl1s5gaFv8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=5043471010&adk=2909568660&adf=3004921553&pi=t.ma~as.5043471010&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222323&bpp=3&bdt=1237&idt=279&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&correlator=3496873869080&frm=20&pv=2&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=288
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6AD6
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOQ6sUvJKUAoyX7c6U78FLI&google_cver=1&google_push=AXcoOmRTR5T3JKXpDi0NZFhQAuS8R8MTLOgN9Pow7zFQxmtVvIB0QS6SwVYV8nISQzO2wCvRTTfLTrBfaRYBDxW72q47jyw...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRTR5T3JKXpDi0NZFhQAuS8R8MTLOgN9Pow7zFQxmtVvIB0QS6SwVYV8nISQzO2wCvRTTfLTrBfaRYBDxW72q47jywIAdYeLMWTgbVslHTuhHEmgceJ9ICg0djN1CDfE...

170 B
188 B

67ms
66ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRTR5T3JKXpDi0NZFhQAuS8R8MTLOgN9Pow7zFQxmtVvIB0QS6SwVYV8nISQzO2wCvRTTfLTrBfaRYBDxW72q47jywIAdYeLMWTgbVslHTuhHEmgceJ9ICg0djN1CDfE8zmwk5iJ2j_mhWevkmvWO0sig&google_hm=eS0wclpReUFSRTJwR0kybHBMZFh3ZjdUNTBNcnV3NlNwX35B

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Dec 2023 11:00:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRTR5T3JKXpDi0NZFhQAuS8R8MTLOgN9Pow7zFQxmtVvIB0QS6SwVYV8nISQzO2wCvRTTfLTrBfaRYBDxW72q47jywIAdYeLMWTgbVslHTuhHEmgceJ9ICg0djN1CDfE8zmwk5iJ2j_mhWevkmvWO0sig&google_hm=eS0wclpReUFSRTJwR0kybHBMZFh3ZjdUNTBNcnV3NlNwX35B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 6AD6 43 B
363 B 117ms
31ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTPFXsyLN1ru3sQXoqZXAwsip3yqt8_Mg9UF_gLyzTNFImTo7QBlWHGAakh_q0aFpeOD-3NkKvPL7YNzbNC40xgWr28qu9yl_9lhMPJXwCOZsB_CedHx3GI19cayilYTLeXRNz0Y49ZA5PScmH56uCnN6c&google_gid=CAESEED0AVEY4KihZlTRnYl_NC4&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 204071
expires: Sun, 03 Dec 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6AD6
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEK46G6bOke0NObq4cnxbd4g&google_cver=1&google_push=AXcoOmTmHSGrzS6KGps6NybPnZNZ3-V6Q5xtoGTmMD26f-901uaW3uuqtWD_7RjjA0...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTmHSGrzS6KGps6NybPnZNZ3-V6Q5xtoGTmMD26f-901uaW3uuqtWD_7RjjA0cl6ybAWMaAjhDnuxY8KwB9aQyApEwitRfNLIu6cTYwFRMZPn...

170 B
232 B

68ms
68ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTmHSGrzS6KGps6NybPnZNZ3-V6Q5xtoGTmMD26f-901uaW3uuqtWD_7RjjA0cl6ybAWMaAjhDnuxY8KwB9aQyApEwitRfNLIu6cTYwFRMZPnZK5EmYeACZc21MCmSL3xcvpavch-TIhNLGmF3bZIaNV4V5&google_hm=aUnVhLs_SE6He1KYesmE__c

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTmHSGrzS6KGps6NybPnZNZ3-V6Q5xtoGTmMD26f-901uaW3uuqtWD_7RjjA0cl6ybAWMaAjhDnuxY8KwB9aQyApEwitRfNLIu6cTYwFRMZPnZK5EmYeACZc21MCmSL3xcvpavch-TIhNLGmF3bZIaNV4V5&google_hm=aUnVhLs_SE6He1KYesmE__c
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 6AD6
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGOcxvDz2HtQ...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQQa-96HEbXdrkLwZAIjP6Ji11svJE01LITa1SjPx13zHZoiHJ5FDHBoroNz7xGRbrWHAY2wG2Li95q6kNYB_nP2HAOIEVay94rMX3oXYdgOi4cb...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

149ms
149ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Sun, 03 Dec 2023 11:00:24 GMT
pragma: no-cache
date: Sun, 03 Dec 2023 11:00:24 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6AD6 0
40 B 64ms
64ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LG0xvqdbvZHF4fVXu0PW90P6MFfBdRKlbhls0Dv0oBuxpnIl5_yrJBvjPnN1FORhIe_T4WXP8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame FCB8 35 B
463 B 96ms
31ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIkqgtbcPXOSA589VdcaKgU&google_cver=1&google_push=AXcoOmRbUmCeRqERIxxV1f1hn1DYi6f_6CEzw2krtuleJ7V6GX9XPW2IOh94-Ve_pdpdWtSJLPkjdKmC0xhqfJ71rOlbLiVVdzB7maKV

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame FCB8
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEB4U5Gq73QQ-xdlmLB3xQ9U&google_cver=1&google_push=AXcoOmQx_bQJ0N4ys02oeM47XyNgyku9V_QIl7ce7pBcCTkmI_IBalfYn-RS8HChBsKoPa0Dm5tbeMfbdawrC6v28Pl_bGYOjFxyv...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB4U5Gq73QQ-xdlmLB3xQ9U&google_cver=1&google_push=AXcoOmQx_bQJ0N4ys02oeM47XyNgyku9V_QIl7ce7pBcCTkmI_IBalfYn-RS8HChBsKoPa0Dm5tbeMfbdawrC6v28Pl_bGYOjFx...

43 B
418 B

212ms
211ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB4U5Gq73QQ-xdlmLB3xQ9U&google_cver=1&google_push=AXcoOmQx_bQJ0N4ys02oeM47XyNgyku9V_QIl7ce7pBcCTkmI_IBalfYn-RS8HChBsKoPa0Dm5tbeMfbdawrC6v28Pl_bGYOjFxyvKry&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQx_bQJ0N4ys02oeM47XyNgyku9V_QIl7ce7pBcCTkmI_IBalfYn-RS8HChBsKoPa0Dm5tbeMfbdawrC6v28Pl_bGYOjFxyvKry%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:24 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82fb4e415993bfb4-WAW
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 312
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB4U5Gq73QQ-xdlmLB3xQ9U&google_cver=1&google_push=AXcoOmQx_bQJ0N4ys02oeM47XyNgyku9V_QIl7ce7pBcCTkmI_IBalfYn-RS8HChBsKoPa0Dm5tbeMfbdawrC6v28Pl_bGYOjFxyvKry&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQx_bQJ0N4ys02oeM47XyNgyku9V_QIl7ce7pBcCTkmI_IBalfYn-RS8HChBsKoPa0Dm5tbeMfbdawrC6v28Pl_bGYOjFxyvKry%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82fb4e400f71bfb4-WAW
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame FCB8 70 B
148 B 131ms
47ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECig80xGxet6jtynB2kcWrE&google_cver=1&google_push=AXcoOmT8tJPFWYj1foxRV1urC97cw1NxKgi8zyxq9iAuxbyChyYMMDhfyxZcDyBxvyyf2KEwJM9FTmQLXKN3symCCEueMq02bSLlrCSa
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame FCB8 43 B
145 B 35ms
26ms Image
image/gif 18.184.108.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEElDqyzKxK8k3ajMvHCyjpo&google_cver=1&google_push=AXcoOmQOIZvsPaXGZJj5wo4H3JrQ6QWe7Bz20X7PbnTfXWLZrboWDvVImSG4vG9efLXpmyFKKaCUUsuw7M6GZRtVFv_uZSIdLmyrFI8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.108.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-108-41.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FCB8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBsoIuMn_GTh25ErAKbK81g&google_cver=1&google_push=AXcoOmSNONYAyJr4BgaWJ2IAp5ibpKoeNfXJljAC4wSDTNo1kRcQSb7P_9cTsy_vjo4t8DuGm5toyvlHORe4-bw2SMDbtJW...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSNONYAyJr4BgaWJ2IAp5ibpKoeNfXJljAC4wSDTNo1kRcQSb7P_9cTsy_vjo4t8DuGm5toyvlHORe4-bw2SMDbtJWx0wVGV0Xf&google_hm=eS1jVGVhYXU1RTJwRk...

170 B
188 B

68ms
67ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSNONYAyJr4BgaWJ2IAp5ibpKoeNfXJljAC4wSDTNo1kRcQSb7P_9cTsy_vjo4t8DuGm5toyvlHORe4-bw2SMDbtJWx0wVGV0Xf&google_hm=eS1jVGVhYXU1RTJwRkdYcmlxcFFITEdvZGxDSktlQkRWMH5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Dec 2023 11:00:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSNONYAyJr4BgaWJ2IAp5ibpKoeNfXJljAC4wSDTNo1kRcQSb7P_9cTsy_vjo4t8DuGm5toyvlHORe4-bw2SMDbtJWx0wVGV0Xf&google_hm=eS1jVGVhYXU1RTJwRkdYcmlxcFFITEdvZGxDSktlQkRWMH5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FCB8
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDkmFgvaTXqZ3AlmTO6PGIA&google_cver=1&google_push=AXcoOmSJcRBourEMzAF-RJzmBv1H9e7vy0Bfu5o1mNpgmHQ3lLEa6aHYeAyZQ2SOH8eimhGrK9WRF4h0LZe3...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSJcRBourEMzAF-RJzmBv1H9e7vy0Bfu5o1mNpgmHQ3lLEa6aHYeAyZQ2SOH8eimhGrK9WRF4h0LZe3ycWVXVXatvrOwJijjy5F

170 B
232 B

67ms
67ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSJcRBourEMzAF-RJzmBv1H9e7vy0Bfu5o1mNpgmHQ3lLEa6aHYeAyZQ2SOH8eimhGrK9WRF4h0LZe3ycWVXVXatvrOwJijjy5F

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSJcRBourEMzAF-RJzmBv1H9e7vy0Bfu5o1mNpgmHQ3lLEa6aHYeAyZQ2SOH8eimhGrK9WRF4h0LZe3ycWVXVXatvrOwJijjy5F
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FCB8
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEIWFH90EoppWjFAqOWj2NDM&google_cver=1&google_push=AXcoOmTQuRWLZX4zxYzN3e-UCm-nqlvvJ22Oy8XzHGi9_37pqLLtUqhmzG-DwfITSM...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTQuRWLZX4zxYzN3e-UCm-nqlvvJ22Oy8XzHGi9_37pqLLtUqhmzG-DwfITSMrtfkmum-OfZVEaSexXubGxM3PXvsWM7fzctnqojQ&google_...

170 B
232 B

69ms
69ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTQuRWLZX4zxYzN3e-UCm-nqlvvJ22Oy8XzHGi9_37pqLLtUqhmzG-DwfITSMrtfkmum-OfZVEaSexXubGxM3PXvsWM7fzctnqojQ&google_hm=n0a24CcgQCWJGlNWZmHsE_c

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTQuRWLZX4zxYzN3e-UCm-nqlvvJ22Oy8XzHGi9_37pqLLtUqhmzG-DwfITSMrtfkmum-OfZVEaSexXubGxM3PXvsWM7fzctnqojQ&google_hm=n0a24CcgQCWJGlNWZmHsE_c
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame FCB8 0
40 B 66ms
60ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jdiq_wsBKCiRiM1sQT7qWwzEYxz3eRjS2dHR1pnLvQ_MdawN6HRwz5y1cd14ciZ3QtMNZ7aA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 41F6 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9dd51d0ad0444c841f5c9260a62e9275510fb464d8da85e2b970299913b8bc1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0368 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f080d319cc1440fa93f6f9b729d624797f7c91f16165b64576fadaa5bc6db96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D01A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef088734d15eea7d6e0e6835bc5502d62ddb3fbecb45d97127939bb0bd6cb1ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0368
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CCqT-xl9sZcqPLcW05LcP89urqAL-saXtcp_H-_ucEmQQASCil8tqYJX68IGMB6ABi9SnlQLIAQOpAocWcjmKQrI-qAMByAPJBKoEigJP0LvOKh_IguDpfbDtOualIOVMI0jDHTPDqO0Nl4j...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222638695425718370240%22,%22debug_reporting%22:true,%22destination%22:%22https://trisor.de%22,%22event_report_window%22:%222...

0
0

89ms
89ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222638695425718370240%22,%22debug_reporting%22:true,%22destination%22:%22https://trisor.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581560843%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227116936791979920753%22}&andc=true

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2638695425718370240","debug_reporting":true,"destination":"https://trisor.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581560843"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"7116936791979920753"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 11:00:24 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 11:00:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2638695425718370240","debug_reporting":true,"destination":"https://trisor.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581560843"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"7116936791979920753"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame F73B 50 KB
19 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 02:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 02:50:33 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 94D3 35 KB
20 KB 143ms
143ms XHR
application/json 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfH-N0mAAAAAFbl_1iN5mLWRSOGn_wdfGEDt4cE

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6d3d2a8652d7f530292005dfde3b2ef181d003a53b3dd06f73d223e9d81d546c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfH-N0mAAAAAFbl_1iN5mLWRSOGn_wdfGEDt4cE&co=aHR0cHM6Ly9oZWhvLmNvbS50dzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=t6byv9a1kpgn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 03 Dec 2023 11:00:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 41F6 15 KB
16 KB 76ms
76ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 152462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:39:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 41F6 15 KB
15 KB 90ms
90ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 76994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 13:37:09 GMT

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 41F6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CEk7qxl9sZZvJLPKy5LcPrqmX6ASywMPIdMPZjYiLEp7r56vsQBABIKKXy2pglfrwgYwHoAGEpezhAsgBCakChxZyOYpCsj6oAwHIA8uEgIAEqgT3AU_QSmbkhncK-os4P2WJJzotf95Byr2...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210840842784210382075%22,%22debug_reporting%22:true,%22destination%22:%22https://travelperk.com%22,%22event_report_window%2...

0
0

90ms
89ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210840842784210382075%22,%22debug_reporting%22:true,%22destination%22:%22https://travelperk.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22742068868%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214059720795433692913%22}&andc=true

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10840842784210382075","debug_reporting":true,"destination":"https://travelperk.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["742068868"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"14059720795433692913"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 11:00:24 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 11:00:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10840842784210382075","debug_reporting":true,"destination":"https://travelperk.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["742068868"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"14059720795433692913"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 8924 50 KB
19 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 02:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 02:50:33 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 201ms
91ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 11:00:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 do_add
oxra.com.tw/sl/pv/ Frame 0
0 433ms
249ms Preflight
text/html 61.219.68.119
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://oxra.com.tw/sl/pv/do_add
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.219.68.119 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-219-68-119.hinet-ip.hinet.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heho.com.tw
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://heho.com.tw
allow: POST
content-length: 4
content-type: text/html; charset=utf-8
date: Sun, 03 Dec 2023 11:00:24 GMT
etag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
server: nginx
vary: Accept-Encoding

POST
H2 200 do_add
oxra.com.tw/sl/pv/ 0
0 253ms
251ms Fetch 61.219.68.119
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://oxra.com.tw/sl/pv/do_add
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.219.68.119 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-219-68-119.hinet-ip.hinet.net
Software: nginx /
Resource Hash

Request headers

Referer: https://heho.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://heho.com.tw
date: Sun, 03 Dec 2023 11:00:24 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type, Authorization
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, OPTIONS

GET
H3

200

1699839115.979.png
img.heho.com.tw/wp-content/uploads/2023/11/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/11/1699839115.979.png
https://img.heho.com.tw/wp-content/uploads/2023/11/1699839115.979.png

9 KB
10 KB

44ms
44ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/11/1699839115.979.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a3444723e0dd36e3099deb59133ba82203985f1eba230a07e7ce8eb43b1e1f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 179226
alt-svc: h3=":443"; ma=86400
content-length: 9491
last-modified: Mon, 13 Nov 2023 01:31:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBve%2FrymtVMooUoj3OlII6rNPTeOHxrIqUfbrOJ0exaJhRfIPGIwptuvEErn%2BF%2Fu7srxGyNhg3bvXrvdwXmgNdL6Ghqe%2FKVPnD1q%2B0WBYPO7H8n8R7McPlpmv9w8w7KNhXpuK%2Bwh4%2FQIwD7IlbI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e430f89999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/11/1699839115.979.png
date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 355
content-type: text/html; charset=iso-8859-1

POST
H2 200 do_add
oxra.com.tw/sl/pv/ 0
0 249ms
248ms Fetch 61.219.68.119
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://oxra.com.tw/sl/pv/do_add
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.219.68.119 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-219-68-119.hinet-ip.hinet.net
Software: nginx /
Resource Hash

Request headers

Referer: https://heho.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://heho.com.tw
date: Sun, 03 Dec 2023 11:00:24 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type, Authorization
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, OPTIONS

OPTIONS
H2 200 do_add
oxra.com.tw/sl/pv/ Frame 0
0 424ms
249ms Preflight
text/html 61.219.68.119
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://oxra.com.tw/sl/pv/do_add
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.219.68.119 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-219-68-119.hinet-ip.hinet.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heho.com.tw
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://heho.com.tw
allow: POST
content-length: 4
content-type: text/html; charset=utf-8
date: Sun, 03 Dec 2023 11:00:24 GMT
etag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
server: nginx
vary: Accept-Encoding

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 136ms
90ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 11:00:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bootstrap.min.css
unpkg.com/bootstrap@4.5.3/dist/css/ Frame 5AD0 157 KB
24 KB 44ms
44ms Stylesheet
text/css 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ml.oxra.com.tw/
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 203888
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGHJY2YS4KS1M8TH07JHB00Y-waw
server: cloudflare
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82fb4e41a8c63578-WAW

GET
H2 200 bootstrap.min.css
unpkg.com/bootstrap@4.5.3/dist/css/ Frame 9F36 157 KB
24 KB 47ms
47ms Stylesheet
text/css 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ml.oxra.com.tw/
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:23 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 203888
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGHJY2YS4KS1M8TH07JHB00Y-waw
server: cloudflare
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82fb4e41b8ef3578-WAW

GET
H2 200 heho-mkt-recml.js Show response
ml.oxra.com.tw/ox/mkt/js/ Frame 5AD0 9 KB
2 KB 268ms
268ms Script
application/javascript 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-recml.js
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bf54ca999785e94d3692084aedd7379cdfa4f722acc00c50b937ff30f830122c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
content-encoding: gzip
last-modified: Wed, 15 Feb 2023 09:35:38 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"63eca76a-241a"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 1699492760.5591.png
lifestyle.heho.com.tw/wp-content/uploads/2023/11/ Frame 5AD0 229 KB
230 KB 1235ms
573ms Image
image/png 139.162.79.137
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lifestyle.heho.com.tw/wp-content/uploads/2023/11/1699492760.5591.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.79.137 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 139-162-79-137.ip.linodeusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: d71a472191ca500c7dbcdc6cf3bb86fada4c0b5f5b787a936e66b61f6288cde0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
last-modified: Thu, 09 Nov 2023 01:19:25 GMT
server: Apache/2.4.41 (Ubuntu)
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
content-length: 234688
expires: max-age=A10368000, public

GET
H3 200 1701240171.2928.jpg
img.heho.com.tw/wp-content/uploads/2023/11/ Frame 5AD0 237 KB
237 KB 756ms
755ms Image
image/jpeg 2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/11/1701240171.2928.jpg
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c37959ecaf7cbc7222f9be9dc9004783aedddc45b3e145d4b1a974bba439a72d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 242527
last-modified: Wed, 29 Nov 2023 06:42:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4rMoZUTopKRY7wmxXb2Ql%2FACJF1cqQN1RnnRIiGlYR8Im0oxhUMLNofxVVWeWsYATfDAvw8HHBe26OjWdH3jFT7tdvM1fQ0RKNMgCurq%2BIJr3539gUG0zSLRwHaAdN5pnpUUTFLloyM65J%2Bhi4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e41fe7a999c-CDG
expires: max-age=2592000, public

GET
H3 200 1701308462.2435.png
img.heho.com.tw/wp-content/uploads/2023/11/ Frame 5AD0 156 KB
157 KB 46ms
46ms Image
image/png 2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/11/1701308462.2435.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577720b3510897fca3bfe22da77990ae5e29eee049e1a1420490c5d3998cb436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43994
alt-svc: h3=":443"; ma=86400
content-length: 159938
last-modified: Thu, 30 Nov 2023 01:41:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8zFmXFKXDtr%2BFM1H%2BfBW7nzwCwtiTeBA2gCpyY2MdM6z5rvbxT4epa5z0vERUVNTCiqYv%2Bw61caGgiCcomBjiQ2F%2FM7yUU%2BGLQ%2BLZScmvbEbCvqQnCVzGdPUpURyZP4SHDQg0ieRzbNHmOzEI4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e41fe7b999c-CDG
expires: max-age=2592000, public

GET
H2 200 1634263985.8167.jpg
kids.heho.com.tw/wp-content/uploads/2020/10/ Frame 5AD0 353 KB
353 KB 2209ms
1430ms Image
image/jpeg 139.162.79.137
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kids.heho.com.tw/wp-content/uploads/2020/10/1634263985.8167.jpg
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.79.137 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 139-162-79-137.ip.linodeusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 2ad96fb646950e0d23ddcaef87b9cb6b032847aa2e250a3d5a324ec96e1c707f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
last-modified: Fri, 15 Oct 2021 02:13:05 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 361714
expires: Mon, 01 Apr 2024 11:00:24 GMT

GET
H3

200

1669174013.0565.png
img.heho.com.tw/wp-content/uploads/2022/11/ Frame 5AD0
Redirect Chain

https://heho.com.tw/wp-content/uploads/2022/11/1669174013.0565.png
https://img.heho.com.tw/wp-content/uploads/2022/11/1669174013.0565.png

2 KB
2 KB

330ms
329ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/11/1669174013.0565.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2ecb4dd57033b4d5ce93ed5ee31f6e7ae13e0208ffed843a8a25809e6c186a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2059
last-modified: Wed, 23 Nov 2022 03:26:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2Ba7RLcfm41U1hJ6LJ5nodCtce7vDS8SgyU5NNmd3gCFwgPztJlx9qZOqTnwObT0RjNIJ%2F6DiYV0EQOzj%2FeSQCreYS6PQyIK24F1mPxByjRltxbnCxcSweTH1%2Bta6veaXyxpVO5aYYIEwxMj20s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e43b865999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2022/11/1669174013.0565.png
date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1669173726.3519.png
img.heho.com.tw/wp-content/uploads/2022/11/ Frame 5AD0
Redirect Chain

https://heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png
https://img.heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png

12 KB
13 KB

401ms
401ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39b2a26dc249d0368798ce01da3e9785958eb925e608eb4729607f10ecf51241

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 12748
last-modified: Wed, 23 Nov 2022 03:22:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShZ87gcbrum%2FZGd5aNDeJpTOgXHV7ePnp0JR7VhcEh04HfPYmypmy%2BWG8Bl3RrdXBzhT00T0f1Fcmm9kISbqUxRu129ODM0iAzzeOrwydC0dK%2BWKsoRXAsMAWdiIZ00wHkppyDCfYX%2B9wXkcXoc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e43b85e999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png
date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3 200 1689755246.8803.png
img.heho.com.tw/wp-content/uploads/2023/04/ Frame 5AD0 5 KB
6 KB 44ms
44ms Image
image/png 2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/04/1689755246.8803.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f54070450baf09b19fdbe1d661a5b05eaec9b8a60353a4cf91ce60df518469a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 360371
alt-svc: h3=":443"; ma=86400
content-length: 5344
last-modified: Wed, 19 Jul 2023 08:27:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HchRWCeDJt4E5J%2FF73IyUweHd8skntHozm%2FeJ%2FdZRC%2B%2FLD2EGdCDUXsoB3fejz%2FaYY2zLFpwbZjIo9iZMgo5pVWvk4XHYaWCk3UOWCJPbR0ZEdFjegxBta1S89HhH74dINZuvOK1XrvXS7xRvM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e41fe7c999c-CDG
expires: max-age=2592000, public

GET
H3

200

1669176277.7766.png
img.heho.com.tw/wp-content/uploads/2022/11/ Frame 5AD0
Redirect Chain

https://heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png
https://img.heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png

5 KB
6 KB

338ms
338ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5b17f07bd0d24edb3a5883b7fc3e77b39be07cd99131fbd33b7873fda49b165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5377
last-modified: Wed, 23 Nov 2022 04:04:39 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FxcHpPlh3BMmxn6RgYAIdeNjaRr9xCWDxBxDzmCCoR4CXIjh2ROQK20wWnmNqhkEnLzzqxhexE9THXxAIeHxb%2BtK520F6hma0vSNUFVJpurjVu3B319%2FzRBbJgAyix7B6dyFzay2O48goLoXwA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e43b862999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png
date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H2 200 heho-mkt-recml.js Show response
ml.oxra.com.tw/ox/mkt/js/ Frame 9F36 9 KB
2 KB 268ms
268ms Script
application/javascript 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-recml.js
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bf54ca999785e94d3692084aedd7379cdfa4f722acc00c50b937ff30f830122c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
content-encoding: gzip
last-modified: Wed, 15 Feb 2023 09:35:38 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"63eca76a-241a"
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 1701240171.2928.jpg
img.heho.com.tw/wp-content/uploads/2023/11/ Frame 9F36 237 KB
237 KB 592ms
592ms Image
image/jpeg 2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/11/1701240171.2928.jpg
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c37959ecaf7cbc7222f9be9dc9004783aedddc45b3e145d4b1a974bba439a72d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 242527
last-modified: Wed, 29 Nov 2023 06:42:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7S%2BFgDCJP6L4KJ8ahCE7MGkXLyVwz529a9hv7IOSU5W0uALAUzLu6bSqgWPy30npD3wx81C2TM4O%2FHyiA%2BEYx2Du60LOsEga5OVeDY6lA5SGDH4xAtg2HD448TxMZ%2FuHYsJfF%2FcU2Bcjq9irUPE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e421e94999c-CDG
expires: max-age=2592000, public

GET
H3 200 1701308462.2435.png
img.heho.com.tw/wp-content/uploads/2023/11/ Frame 9F36 156 KB
157 KB 45ms
44ms Image
image/png 2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/11/1701308462.2435.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577720b3510897fca3bfe22da77990ae5e29eee049e1a1420490c5d3998cb436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43994
alt-svc: h3=":443"; ma=86400
content-length: 159938
last-modified: Thu, 30 Nov 2023 01:41:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sy7Lq3JN%2BtDKYB%2BYm9hlTD6f0rtow1iRScSMj1jzyn9wEGK%2Fv59q%2BGF7Cj7HAOdtuHXEvBK3uUmc%2Bm0eoKEvyZiJX3aWRwQMg885d5f0NByRKRmh7h6aA8bC1u4DET1x%2BS4ZZGWkOPFr3vl1Lo4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e421e96999c-CDG
expires: max-age=2592000, public

GET
H3 200 %E6%94%BE%E5%B0%84%E6%B2%BB%E7%99%82-01.png
img.heho.com.tw/wp-content/uploads/2018/07/ Frame 9F36 143 KB
143 KB 61ms
60ms Image
image/png 2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2018/07/%E6%94%BE%E5%B0%84%E6%B2%BB%E7%99%82-01.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 725433fd99ff2c6146ab607f69d833fb207db0167a1886481e39b79da8728d98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11251
alt-svc: h3=":443"; ma=86400
content-length: 146297
last-modified: Thu, 27 Aug 2020 06:40:37 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMbEy68XSL1RPQFxWroGGgEoMxbbFBcPSLiI5QfRxTFxOhVzrZTJMy%2BT3OyYtqqcPT9spIA4mM0y4Aimgc7uAPHCk%2F8kfl1Lb%2F8sDmCIZKTyxFqrCeAslOTp2l8Xh2aAw3JQrWA%2BNO4jx9dJDxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e421e98999c-CDG
expires: max-age=2592000, public

GET
H2 200 1701404666.701.jpg
kids.heho.com.tw/wp-content/uploads/2023/12/ Frame 9F36 357 KB
357 KB 1045ms
288ms Image
image/jpeg 139.162.79.137
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kids.heho.com.tw/wp-content/uploads/2023/12/1701404666.701.jpg
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.79.137 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 139-162-79-137.ip.linodeusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: b7414b46962c0142ab4b8b26473943aac1db88fac3f9011004107c18513985f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
last-modified: Fri, 01 Dec 2023 04:24:25 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 365125
expires: Mon, 01 Apr 2024 11:00:24 GMT

GET
H3

200

1669173726.3519.png
img.heho.com.tw/wp-content/uploads/2022/11/ Frame 9F36
Redirect Chain

https://heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png
https://img.heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png

12 KB
13 KB

586ms
586ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39b2a26dc249d0368798ce01da3e9785958eb925e608eb4729607f10ecf51241

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 12748
last-modified: Wed, 23 Nov 2022 03:22:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOU1VHNDSP1NX%2BUY0fxhZFpwHM0E5dSRyqIwI%2FPmjP4YuMZFFeNFBXeHptggwMWmHv%2FjL0oKlaGx006Cu1L%2BKAbIij50juxMYoNUOhV2j6z8wRcIEp%2BiZTfOX1CW4CasWkxM7J%2BqZ0z49ydBKJE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e43e887999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png
date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3 200 1689755246.8803.png
img.heho.com.tw/wp-content/uploads/2023/04/ Frame 9F36 5 KB
6 KB 63ms
63ms Image
image/png 2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/04/1689755246.8803.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f54070450baf09b19fdbe1d661a5b05eaec9b8a60353a4cf91ce60df518469a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 360371
alt-svc: h3=":443"; ma=86400
content-length: 5344
last-modified: Wed, 19 Jul 2023 08:27:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihJuU3oN4HCxbsfQ%2FOZI96HWsjdLoqMJClimL2NB%2BoKzMAuw%2B80bO0Yn0q55zuDhCqKPMi9qHEzAv9QK3hz44DIAnYtMVtzDTuwA%2BGdIm719AaLbGwJ8naL9pfEq4v4ofwsSvB7n%2BEBmLUvO7kc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e421e99999c-CDG
expires: max-age=2592000, public

GET
H3

200

1669176277.7766.png
img.heho.com.tw/wp-content/uploads/2022/11/ Frame 9F36
Redirect Chain

https://heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png
https://img.heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png

5 KB
6 KB

615ms
615ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5b17f07bd0d24edb3a5883b7fc3e77b39be07cd99131fbd33b7873fda49b165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 5377
last-modified: Wed, 23 Nov 2022 04:04:39 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LE0hJKAKVkDThHvtAaVPc%2B8PJpY3T2VyaFfBBBz2SPcXVZLhc6cen6Dy%2BR0Q65OxxMRLKXiYPVmJPdhuodNGbq0HyxCJ0kupxqCga0exPDaXSfzor6CWfmIJSrYxcZuG%2FwatlNiNOoVVlHOKF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e43e888999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png
date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1669174009.0122.png
img.heho.com.tw/wp-content/uploads/2022/11/ Frame 9F36
Redirect Chain

https://heho.com.tw/wp-content/uploads/2022/11/1669174009.0122.png
https://img.heho.com.tw/wp-content/uploads/2022/11/1669174009.0122.png

2 KB
2 KB

325ms
324ms

Image
image/png

2606:4700:3038::6815:ebd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/11/1669174009.0122.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw
Protocol: H3
Server: 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afd50883e5a14dc60ab697ca8272c575fdaca96c69eb11ff5edc092752520d6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1609
last-modified: Wed, 23 Nov 2022 03:26:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kQHf8xpheStNl29lOb6o%2BpPQRiKCTC5amnZKnIjkI6hbsgvjUJLjOJudmXMwZvo6IxYuyGTzXmNR56fExgojllVdR6kLOXbKxWSc4hD0MjoRgXfkrhOLEGNizDWrQJEFflDmD6PLFkJZ3JtXqg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82fb4e43e886999c-CDG
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2022/11/1669174009.0122.png
date: Sun, 03 Dec 2023 11:00:24 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D01A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CJbpOxl9sZYrJLcyR5LcP8faYkAuowYrNdPOAue2uEtzo3P-pQRABIKKXy2pglfrwgYwHoAHor-yIA8gBCakChxZyOYpCsj6oAwHIA8sEqgT4AU_QM9kBRYnq5e9ik3mF_TSUoh2AOeME1Dj...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226754542279783298576%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%2...

0
0

99ms
99ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226754542279783298576%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224226312878816399345%22}&andc=true

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6754542279783298576","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"4226312878816399345"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 11:00:24 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 11:00:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6754542279783298576","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"4226312878816399345"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame A37E 50 KB
19 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=3516489630&adf=2389669527&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701601202&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701601222326&bpp=1&bdt=1240&idt=299&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=3496873869080&frm=20&pv=1&ga_vid=1181362518.1701601223&ga_sid=1701601223&ga_hid=292745093&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809314%2C31078301%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=598861414938319&tmod=996894163&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 02:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 02:50:33 GMT

GET
H3 200 TUZyzwprpvBS1izr_vOEDOSf.woff2
fonts.gstatic.com/s/amaticsc/v26/ Frame 603E 4 KB
4 KB 458ms
457ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/amaticsc/v26/TUZyzwprpvBS1izr_vOEDOSf.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afd7b4ce1230fc5d6cb58daebeed6bcd09ebee1e4414367596bc3bb33f62444c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:28 GMT
x-content-type-options: nosniff
age: 323336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:53:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:11:28 GMT

GET
H3 200 WnznHAc5bAfYB2QRah7pcpNvOx-pjfJ9eIOpYQ.woff2
fonts.gstatic.com/s/caveat/v18/ Frame 603E 4 KB
4 KB 459ms
458ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/caveat/v18/WnznHAc5bAfYB2QRah7pcpNvOx-pjfJ9eIOpYQ.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c1d1b09af9ea0e4a497cf8f1baaf915bb032eca2ae369869566282d156cb25d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:16:58 GMT
x-content-type-options: nosniff
age: 215006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4280
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:31:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:16:58 GMT

GET
H3 200 1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrUfIA.woff2
fonts.gstatic.com/s/comfortaa/v45/ Frame 603E 2 KB
2 KB 456ms
455ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrUfIA.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a631f36b97689ffb94afdaef8032e78479d469894a2b18f007dea806dc1172b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:27:01 GMT
x-content-type-options: nosniff
age: 214403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1664
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:23:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:27:01 GMT

GET
H3 200 SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkAo9_.woff2
fonts.gstatic.com/s/ebgaramond/v27/ Frame 603E 3 KB
3 KB 457ms
456ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v27/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkAo9_.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a817a663ee912ccf67f30d9cddfb563e15efdabb3de65fe491abdfbea5c6578f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 17:25:40 GMT
x-content-type-options: nosniff
age: 149684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2568
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:34:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 17:25:40 GMT

GET
H3 200 wlptgwvFAVdoq2_F94zlCfv0bz1WCzsWzLFneg.woff2
fonts.gstatic.com/s/lexend/v19/ Frame 603E 1 KB
1 KB 452ms
451ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lexend/v19/wlptgwvFAVdoq2_F94zlCfv0bz1WCzsWzLFneg.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80083bb74056d4ea185160dd596de5a63d5ed834778a5d7f7e4e843ba4421345

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:29:12 GMT
x-content-type-options: nosniff
age: 99072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1260
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 07:29:12 GMT

GET
H3 200 neILzCirqoswsqX9zoSmMw.woff2
fonts.gstatic.com/s/lobster/v30/ Frame 603E 4 KB
4 KB 454ms
453ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lobster/v30/neILzCirqoswsqX9zoSmMw.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5acbe17fd4e63cca2ce1b72e482fc2411d27d9d534476ad7f0108b9df087fce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 14:24:12 GMT
x-content-type-options: nosniff
age: 246972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4344
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 14:24:12 GMT

GET
H3 200 0QI6MX1D_JOuGQbT0gvTJPa787weuxJHkq0.woff2
fonts.gstatic.com/s/lora/v32/ Frame 603E 1 KB
1 KB 455ms
454ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QI6MX1D_JOuGQbT0gvTJPa787weuxJHkq0.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bba06493e9d01e72d0c0acfbf64abbf9f9198dbb7788285bf8d7b9005d0588f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:32:59 GMT
x-content-type-options: nosniff
age: 422845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1396
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:45:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Nov 2024 13:32:59 GMT

GET
H3 200 u-440qyriQwlOrhSvowK_l5-eiZM.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 603E 4 KB
4 KB 453ms
452ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-eiZM.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dcebb5ec80a2ddab469a77f1a37412c34205ef76d054131083b0bf663b786fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:32 GMT
x-content-type-options: nosniff
age: 255892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3640
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:55:32 GMT

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw_aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 603E 1 KB
2 KB 476ms
475ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw_aXo.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdaae795074ced24ad382f9f21c4f2e3443d3dc27bf6f75ab5cb43d54f23f009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:32 GMT
x-content-type-options: nosniff
age: 255892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1516
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:55:32 GMT

GET
H3 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTI3jw.woff2
fonts.gstatic.com/s/nunito/v26/ Frame 603E 1 KB
2 KB 450ms
449ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTI3jw.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10505df86b3638be7b5707a542c0c7c80ed856f14e037bb1c64bfaf712b0ab75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 18:17:47 GMT
x-content-type-options: nosniff
age: 232957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1528
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 18:17:47 GMT

GET
H3 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUBiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ Frame 603E 1 KB
1 KB 443ms
443ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUBiZQ.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4524691b7547d0d9f1a34ff172d940bedafd7725a14a5bd1121807b7d993bffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 17:40:41 GMT
x-content-type-options: nosniff
age: 148783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1360
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:44:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 17:40:41 GMT

GET
H3 200 FwZY7-Qmy14u9lezJ-6B6Mk.woff2
fonts.gstatic.com/s/pacifico/v22/ Frame 603E 5 KB
5 KB 444ms
443ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/pacifico/v22/FwZY7-Qmy14u9lezJ-6B6Mk.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

867352b1c82c47d71a11744e3886441a848780dca87928bac596e5f3473bfaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 03:12:07 GMT
x-content-type-options: nosniff
age: 114497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5044
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:30:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 03:12:07 GMT

GET
H3 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDRbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ Frame 603E 3 KB
3 KB 450ms
449ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDRbtM.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee21fa3a8dd34931830b255fb301dec184add039958f2378ec534733b4002011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:19:41 GMT
x-content-type-options: nosniff
age: 96043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2688
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:29:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 08:19:41 GMT

GET
H3 200 L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_QuW4.woff2
fonts.gstatic.com/s/robotomono/v23/ Frame 603E 1 KB
1 KB 449ms
447ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotomono/v23/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_QuW4.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc93b0c6ccf01063b9788530ca2389636059624b18599de8edef8d4054255474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:19:29 GMT
x-content-type-options: nosniff
age: 376855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1416
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:07:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 02:19:29 GMT

GET
H3 200 R71RjywflP6FLr3gZx7K8UyuXDs9zVwDmXCb8lxYgmuii32UGoVldX6UgfjL4-3sMM_kB_qXSEXTJQCFLH5-_bcEliotl6Z8AA.woff2
fonts.gstatic.com/s/robotoserif/v13/ Frame 603E 2 KB
2 KB 486ms
484ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoserif/v13/R71RjywflP6FLr3gZx7K8UyuXDs9zVwDmXCb8lxYgmuii32UGoVldX6UgfjL4-3sMM_kB_qXSEXTJQCFLH5-_bcEliotl6Z8AA.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

171d4c2505ae91856b2fe01ef5154d89feec1591421b5ee67f6ef8c0f50649c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:32:59 GMT
x-content-type-options: nosniff
age: 422845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2484
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 17:06:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Nov 2024 13:32:59 GMT

GET
H3 200 rnCr-xNNww_2s0amA9M_kng.woff2
fonts.gstatic.com/s/spectral/v13/ Frame 603E 3 KB
4 KB 448ms
446ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spectral/v13/rnCr-xNNww_2s0amA9M_kng.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4ba92453033372b440e5e762eedec60dec8b3c32008f599b1c7f46376d64216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:35:12 GMT
x-content-type-options: nosniff
age: 91512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3576
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 23:15:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 09:35:12 GMT

GET
H3 200 TUZyzwprpvBS1izr_vO0CA.woff2
fonts.gstatic.com/s/amaticsc/v26/ Frame 603E 63 KB
63 KB 445ms
443ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/amaticsc/v26/TUZyzwprpvBS1izr_vO0CA.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a6c1001c36d7f2f8ad4df369baf38217af3adaae94a5625651c05f4c3a38bd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:50 GMT
x-content-type-options: nosniff
age: 255874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64068
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:55:50 GMT

GET
H3 200 TUZ3zwprpvBS1izr_vOMscG6fA.woff2
fonts.gstatic.com/s/amaticsc/v26/ Frame 603E 63 KB
63 KB 439ms
438ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/amaticsc/v26/TUZ3zwprpvBS1izr_vOMscG6fA.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1de6eac3059ca778e6d2367182c7f11edc81e09971e56f788db308a674ea7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 04:37:46 GMT
x-content-type-options: nosniff
age: 109358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64656
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 04:37:46 GMT

GET
H3 200 WnznHAc5bAfYB2QRah7pcpNvOx-pjfJ9SIc.woff2
fonts.gstatic.com/s/caveat/v18/ Frame 603E 98 KB
98 KB 430ms
428ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/caveat/v18/WnznHAc5bAfYB2QRah7pcpNvOx-pjfJ9SIc.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54efcb5570863b2329c2c677749c85c7ed337f5c16bf38caea17807196150293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:24:02 GMT
x-content-type-options: nosniff
age: 322582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100756
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:32:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:24:02 GMT

GET
H3 200 WnznHAc5bAfYB2QRah7pcpNvOx-pjRV6SIc.woff2
fonts.gstatic.com/s/caveat/v18/ Frame 603E 103 KB
103 KB 432ms
430ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/caveat/v18/WnznHAc5bAfYB2QRah7pcpNvOx-pjRV6SIc.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7b73dc2a43d6620b4ae7b1e05eea2342cf309352b4dcaadeb4491c5b72468e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:54:08 GMT
x-content-type-options: nosniff
age: 61576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105776
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 17:54:08 GMT

GET
H3 200 1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMPrE.woff2
fonts.gstatic.com/s/comfortaa/v45/ Frame 603E 37 KB
37 KB 436ms
435ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMPrE.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3525fca875bf7203e92f116e0c5532dd5b5fe0f0ca5e12c6c4c8b9bd77566e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:01 GMT
x-content-type-options: nosniff
age: 256703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37488
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:50:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:42:01 GMT

GET
H3 200 1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4Y_LPrE.woff2
fonts.gstatic.com/s/comfortaa/v45/ Frame 603E 36 KB
36 KB 422ms
420ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4Y_LPrE.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcbaf64460b4db78ba16ee6230d2c90215dda58ce8c285348d624fe32dbc470e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:24:05 GMT
x-content-type-options: nosniff
age: 99379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36840
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:50:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 07:24:05 GMT

GET
H3 200 SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RUBg.woff2
fonts.gstatic.com/s/ebgaramond/v27/ Frame 603E 124 KB
124 KB 417ms
415ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v27/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RUBg.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ca1eee7725d016477dddd403b78c514438b1d2cd58545b4bc9fd6db9647d83d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:38 GMT
x-content-type-options: nosniff
age: 323386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126552
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:23:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:10:38 GMT

GET
H3 200 SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-DPNUBg.woff2
fonts.gstatic.com/s/ebgaramond/v27/ Frame 603E 140 KB
140 KB 425ms
424ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v27/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-DPNUBg.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e92624ff29d44c47f313d24e815f4f9b1ee01ceb5700f6fc9eb3baa215159f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:09:14 GMT
x-content-type-options: nosniff
age: 427870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143084
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:34:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Nov 2024 12:09:14 GMT

GET
H3 200 SlGFmQSNjdsmc35JDF1K5GRwUjcdlttVFm-rI7e8QI9_.woff2
fonts.gstatic.com/s/ebgaramond/v27/ Frame 603E 114 KB
114 KB 401ms
400ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v27/SlGFmQSNjdsmc35JDF1K5GRwUjcdlttVFm-rI7e8QI9_.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd8bed74936b7b0f1745b3b117cab8be5ec9405fb4771226270462e670b8d9fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 18:17:46 GMT
x-content-type-options: nosniff
age: 232958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116720
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:27:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 18:17:46 GMT

GET
H3 200 SlGFmQSNjdsmc35JDF1K5GRwUjcdlttVFm-rI7dbR49_.woff2
fonts.gstatic.com/s/ebgaramond/v27/ Frame 603E 127 KB
127 KB 408ms
407ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v27/SlGFmQSNjdsmc35JDF1K5GRwUjcdlttVFm-rI7dbR49_.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10b6fc407ad68085b7ea80a7f03939ed11b4ad702c3067ff89bcd8ee26320ea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:02:01 GMT
x-content-type-options: nosniff
age: 309503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129672
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:02:01 GMT

GET
H3 200 wlptgwvFAVdoq2_F94zlCfv0bz1WCzsW_LU.woff2
fonts.gstatic.com/s/lexend/v19/ Frame 603E 25 KB
25 KB 413ms
412ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lexend/v19/wlptgwvFAVdoq2_F94zlCfv0bz1WCzsW_LU.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

081a9357e5da041fc09dbef6c0abaa986251670aacbc6029228d37f34fd1fe25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:01 GMT
x-content-type-options: nosniff
age: 256703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25980
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:10:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:42:01 GMT

GET
H3 200 wlptgwvFAVdoq2_F94zlCfv0bz1WC9wR_LU.woff2
fonts.gstatic.com/s/lexend/v19/ Frame 603E 26 KB
26 KB 368ms
366ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lexend/v19/wlptgwvFAVdoq2_F94zlCfv0bz1WC9wR_LU.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee1925de22baa2ef5bcb426a76da601c7a094d4d87cc8703b80db62ac2452c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:01 GMT
x-content-type-options: nosniff
age: 256703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26936
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:48:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:42:01 GMT

GET
H3 200 neILzCirqoswsqX9_oA.woff2
fonts.gstatic.com/s/lobster/v30/ Frame 603E 98 KB
98 KB 387ms
386ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lobster/v30/neILzCirqoswsqX9_oA.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93f4669cc09016e4d1ad1836a4cd1ebcf832c22979e5fa11db4f7c3620223ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:41 GMT
x-content-type-options: nosniff
age: 255883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99952
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 19:54:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:55:41 GMT

GET
H3 200 0QI6MX1D_JOuGQbT0gvTJPa787weuyJD.woff2
fonts.gstatic.com/s/lora/v32/ Frame 603E 46 KB
46 KB 392ms
391ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QI6MX1D_JOuGQbT0gvTJPa787weuyJD.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae4ca9b9303fc55a1053c3a796249078fc00d2389cf2f4b1f006bb19917e3bef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 15:43:59 GMT
x-content-type-options: nosniff
age: 242185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46996
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:46:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 15:43:59 GMT

GET
H3 200 0QI6MX1D_JOuGQbT0gvTJPa787z5vCJD.woff2
fonts.gstatic.com/s/lora/v32/ Frame 603E 46 KB
47 KB 471ms
470ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QI6MX1D_JOuGQbT0gvTJPa787z5vCJD.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbd98aaaf11a21804cbf7f5b10e7ef9a80c30a47840b7b1dfa51a84fb298ffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:01 GMT
x-content-type-options: nosniff
age: 256703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47568
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:46:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:42:01 GMT

GET
H3 200 0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFkq0.woff2
fonts.gstatic.com/s/lora/v32/ Frame 603E 49 KB
49 KB 352ms
352ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFkq0.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07598e9c2aae44f349f488e73a31691f1f0f8c5eaedeaa69f2bcb56efa59a934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 16:55:08 GMT
x-content-type-options: nosniff
age: 237916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50560
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:46:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 16:55:08 GMT

GET
H3 200 0QI8MX1D_JOuMw_hLdO6T2wV9KnW-C0Ckq0.woff2
fonts.gstatic.com/s/lora/v32/ Frame 603E 49 KB
49 KB 377ms
376ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QI8MX1D_JOuMw_hLdO6T2wV9KnW-C0Ckq0.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf721c6995366adb25d098fe2b901999ed3a750a2cd7d0f57f0e9d85af2aee29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:34 GMT
x-content-type-options: nosniff
age: 255890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50448
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:46:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:55:34 GMT

GET
H3 200 u-440qyriQwlOrhSvowK_l5Ofg.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 603E 58 KB
58 KB 359ms
358ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5Ofg.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66a070c331573aa324fa2deac1a1b42b2d58e9660268555ee382d857e651e33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 21:11:15 GMT
x-content-type-options: nosniff
age: 222549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58892
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 21:11:15 GMT

GET
H3 200 u-4m0qyriQwlOrhSvowK_l5-eSZM.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 603E 56 KB
56 KB 340ms
339ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eSZM.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8977152b314fcd5d04bec050367c0aafa91899501593e9ecb0d6090cdac29a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:24:01 GMT
x-content-type-options: nosniff
age: 322583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57612
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:49:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:24:01 GMT

GET
H3 200 u-4n0qyriQwlOrhSvowK_l52xwNpWg.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 603E 56 KB
56 KB 469ms
468ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNpWg.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b183e10d8c5db234637e82bef4014117bd41c956c69af55fa0165a7be31666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:09:16 GMT
x-content-type-options: nosniff
age: 427868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57236
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Nov 2024 12:09:16 GMT

GET
H3 200 u-4l0qyriQwlOrhSvowK_l5-eR71Wsf6.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 603E 57 KB
57 KB 345ms
345ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wsf6.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

133bb5c5af6b43d96660ff65f46464f2a03f7d0deeb8e2a1f8e0aa7ce6770120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:24:36 GMT
x-content-type-options: nosniff
age: 322548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58012
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:59:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:24:36 GMT

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Ew7.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 603E 39 KB
39 KB 232ms
231ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Ew7.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff8c9a38c906236a4025b752da6a83403df53f22f0fb8b88155b7b04a5229904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:26:58 GMT
x-content-type-options: nosniff
age: 214406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39708
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:53:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:26:58 GMT

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w7.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 603E 39 KB
39 KB 332ms
331ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w7.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184819cfd66eee3bbf756a609a0ea8034f09dcf8c68cd817b08358d8e5579ca3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 18:17:48 GMT
x-content-type-options: nosniff
age: 232956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40184
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:40:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 18:17:48 GMT

GET
H3 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 603E 39 KB
40 KB 324ms
323ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9aXo.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17406c4e4926c81dcd8f3832b79428ccf82f5a3af17c03afd0e37f13413851b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:27:30 GMT
x-content-type-options: nosniff
age: 214374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40412
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:58:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:27:30 GMT

GET
H3 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq0N6aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 603E 40 KB
40 KB 291ms
289ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq0N6aXo.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

347b8e3e68694a70f4b024cdbee7fb7ed5f98c19d0dafef6b8f237191c796f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:18:56 GMT
x-content-type-options: nosniff
age: 99688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:53:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 07:18:56 GMT

GET
H3 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshRTY.woff2
fonts.gstatic.com/s/nunito/v26/ Frame 603E 41 KB
41 KB 290ms
288ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshRTY.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

add6ddd7fee32d58eba385983ab7dcc9657ad97cdbd4bf4594db38675847edb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 18:17:46 GMT
x-content-type-options: nosniff
age: 232958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42132
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:10:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 18:17:46 GMT

GET
H3 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDFwmRTY.woff2
fonts.gstatic.com/s/nunito/v26/ Frame 603E 41 KB
41 KB 246ms
244ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDFwmRTY.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c129c2c42b2f1d5af9bd5b9858f0eba8215ee3ebf61fbc99866e107b2c0af4b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:24:05 GMT
x-content-type-options: nosniff
age: 322579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41676
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:10:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:24:05 GMT

GET
H3 200 XRXK3I6Li01BKofIMPyPbj8d7IEAGXNirXA3jw.woff2
fonts.gstatic.com/s/nunito/v26/ Frame 603E 44 KB
44 KB 314ms
312ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXK3I6Li01BKofIMPyPbj8d7IEAGXNirXA3jw.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33ea7445e374a6aab69f4e13ddbc9fc0e356c731e2d1f093619b93d4281bbe2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 03:15:49 GMT
x-content-type-options: nosniff
age: 114275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44980
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:56:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 03:15:49 GMT

GET
H3 200 XRXK3I6Li01BKofIMPyPbj8d7IEAGXNiSnc3jw.woff2
fonts.gstatic.com/s/nunito/v26/ Frame 603E 43 KB
43 KB 458ms
456ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXK3I6Li01BKofIMPyPbj8d7IEAGXNiSnc3jw.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8fb82df9421fa2de18e11b89200eeccb188dab713331f06c6c8782ad5ce5437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:18:54 GMT
x-content-type-options: nosniff
age: 99690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44316
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 07:18:54 GMT

GET
H3 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvgUQ.woff2
fonts.gstatic.com/s/oswald/v53/ Frame 603E 31 KB
31 KB 473ms
470ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvgUQ.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c4965a6e9c89dee7d1389167c821976bfbf55d80e7dcddfbcb5400b1ae01c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:58:29 GMT
x-content-type-options: nosniff
age: 118915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31456
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:20:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 01:58:29 GMT

GET
H3 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZogUQ.woff2
fonts.gstatic.com/s/oswald/v53/ Frame 603E 32 KB
32 KB 264ms
262ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZogUQ.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68425336934a956337b4593a3d47d51d2970d03ac4a9c9fc795596f13eb21775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:38 GMT
x-content-type-options: nosniff
age: 323386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32644
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:20:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:10:38 GMT

GET
H3 200 FwZY7-Qmy14u9lezJ96F.woff2
fonts.gstatic.com/s/pacifico/v22/ Frame 603E 83 KB
83 KB 211ms
209ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/pacifico/v22/FwZY7-Qmy14u9lezJ96F.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e05fd4c39d2671d0febcf551364287a41d4889ca4692817722459ff34940ac81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:26:57 GMT
x-content-type-options: nosniff
age: 214407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84892
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:30:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:26:57 GMT

GET
H3 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvUDV.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ Frame 603E 41 KB
41 KB 253ms
251ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvUDV.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c0243aeabbf9c2f5353f0f043cdfe582305ce9232dafae04789f72ad8b8a2fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 06:56:15 GMT
x-content-type-options: nosniff
age: 14649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42416
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:29:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 06:56:15 GMT

GET
H3 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiukDV.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ Frame 603E 45 KB
45 KB 123ms
121ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiukDV.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31594918e6093b22f7d61e9ef00fe99af5de221a8e7b039517c38bb140fa6d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 21:20:49 GMT
x-content-type-options: nosniff
age: 135575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45636
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:29:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 21:20:49 GMT

GET
H3 200 nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ Frame 603E 40 KB
40 KB 181ms
179ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTbtM.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f880482da8a65732322f1cc972412501c1d33d35edece8f4aba96fab40c3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:28:25 GMT
x-content-type-options: nosniff
age: 153119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41308
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:29:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:28:25 GMT

GET
H3 200 nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_k-UbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ Frame 603E 43 KB
43 KB 497ms
495ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_k-UbtM.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16a97a25c22e0a3666a93f2cc4dfb340df15a55dc32190f797ee748f2d7b3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:18:44 GMT
x-content-type-options: nosniff
age: 96100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43740
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:29:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 08:18:44 GMT

GET
H3 200 L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vqPRg.woff2
fonts.gstatic.com/s/robotomono/v23/ Frame 603E 37 KB
37 KB 482ms
480ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotomono/v23/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vqPRg.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2706dfabcbaaf2dee90c3a10c168d5f5691ce787dcae9e77cd038f66b08fc4ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:32 GMT
x-content-type-options: nosniff
age: 255892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37632
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:57:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:55:32 GMT

GET
H3 200 L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_Of2PRg.woff2
fonts.gstatic.com/s/robotomono/v23/ Frame 603E 37 KB
37 KB 500ms
498ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotomono/v23/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_Of2PRg.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7615aed2ed8f1361d3aba2b6ce6612468463e660e8bd4a4302b24c113ec57308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:23:13 GMT
x-content-type-options: nosniff
age: 153431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37800
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:30:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:23:13 GMT

GET
H3 200 L0xoDF4xlVMF-BfR8bXMIjhOsXG-q2oeuFoqFrlnAOW4.woff2
fonts.gstatic.com/s/robotomono/v23/ Frame 603E 40 KB
40 KB 150ms
148ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotomono/v23/L0xoDF4xlVMF-BfR8bXMIjhOsXG-q2oeuFoqFrlnAOW4.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ed2dc63202e8e1e06cc22eb23d39212a36034d90dbc76274ec7f85deb1d3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:38 GMT
x-content-type-options: nosniff
age: 323386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41220
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:10:38 GMT

GET
H3 200 L0xoDF4xlVMF-BfR8bXMIjhOsXG-q2oeuFoqFrmAB-W4.woff2
fonts.gstatic.com/s/robotomono/v23/ Frame 603E 41 KB
41 KB 94ms
92ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotomono/v23/L0xoDF4xlVMF-BfR8bXMIjhOsXG-q2oeuFoqFrmAB-W4.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68c3f849762d80f759a7702f52b6f9c432173951d7d5e830c98cedfdeba5e53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:24:07 GMT
x-content-type-options: nosniff
age: 322577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41584
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:09:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:24:07 GMT

GET
H3 200 R71RjywflP6FLr3gZx7K8UyuXDs9zVwDmXCb8lxYgmuii32UGoVldX6UgfjL4-3sMM_kB_qXSEXTJQCFLH5-_bcEliotp6I.woff2
fonts.gstatic.com/s/robotoserif/v13/ Frame 603E 63 KB
63 KB 495ms
493ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoserif/v13/R71RjywflP6FLr3gZx7K8UyuXDs9zVwDmXCb8lxYgmuii32UGoVldX6UgfjL4-3sMM_kB_qXSEXTJQCFLH5-_bcEliotp6I.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb1d125975da6683e4db07394e5035b0cde2782b389341bb577d2a274262e839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:19:53 GMT
x-content-type-options: nosniff
age: 124831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64888
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 17:29:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 00:19:53 GMT

GET
H3 200 R71RjywflP6FLr3gZx7K8UyuXDs9zVwDmXCb8lxYgmuii32UGoVldX6UgfjL4-3sMM_kB_qXSEXTJQCFLH5-_bcEls0qp6I.woff2
fonts.gstatic.com/s/robotoserif/v13/ Frame 603E 71 KB
71 KB 460ms
458ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoserif/v13/R71RjywflP6FLr3gZx7K8UyuXDs9zVwDmXCb8lxYgmuii32UGoVldX6UgfjL4-3sMM_kB_qXSEXTJQCFLH5-_bcEls0qp6I.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d81818ee4513a1dbc74d17b8dcec5aa730a70ceca96b75a68ad007554e01cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:33 GMT
x-content-type-options: nosniff
age: 255891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72264
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 17:35:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:55:33 GMT

GET
H3 200 R71XjywflP6FLr3gZx7K8UyEVQnyR1E7VN-f51xYuGCQepOvB0KLc2v0wKKB0Q4MSZxyqf2CgAchbDJ69BcVZxkDg-JuT-R8AA.woff2
fonts.gstatic.com/s/robotoserif/v13/ Frame 603E 64 KB
64 KB 453ms
452ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoserif/v13/R71XjywflP6FLr3gZx7K8UyEVQnyR1E7VN-f51xYuGCQepOvB0KLc2v0wKKB0Q4MSZxyqf2CgAchbDJ69BcVZxkDg-JuT-R8AA.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7c81ec43ffc35a71567094e98836d7545681a399618661c8f1eb202b580206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:27:00 GMT
x-content-type-options: nosniff
age: 214404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65812
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 19:14:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:27:00 GMT

GET
H3 200 R71XjywflP6FLr3gZx7K8UyEVQnyR1E7VN-f51xYuGCQepOvB0KLc2v0wKKB0Q4MSZxyqf2CgAchbDJ69BcVZxkDg-JuqON8AA.woff2
fonts.gstatic.com/s/robotoserif/v13/ Frame 603E 71 KB
71 KB 497ms
496ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoserif/v13/R71XjywflP6FLr3gZx7K8UyEVQnyR1E7VN-f51xYuGCQepOvB0KLc2v0wKKB0Q4MSZxyqf2CgAchbDJ69BcVZxkDg-JuqON8AA.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cc3cce7b52175a0e42f8b92d45322ebaa709d227f9ec52643e75410fda94b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:58:43 GMT
x-content-type-options: nosniff
age: 118901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72784
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 19:14:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 01:58:43 GMT

GET
H3 200 rnCr-xNNww_2s0amA-M7.woff2
fonts.gstatic.com/s/spectral/v13/ Frame 603E 54 KB
54 KB 494ms
492ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spectral/v13/rnCr-xNNww_2s0amA-M7.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db8faffb5e867554c1ab9b0edd0e11e8b5a3d4b9842d860a11646371c2b84d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 10:27:48 GMT
x-content-type-options: nosniff
age: 88356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55204
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 22:22:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 10:27:48 GMT

GET
H3 200 rnCt-xNNww_2s0amA9M8kng.woff2
fonts.gstatic.com/s/spectral/v13/ Frame 603E 57 KB
57 KB 492ms
489ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spectral/v13/rnCt-xNNww_2s0amA9M8kng.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aada1ac84edc0a0f678a12e87b835b9c5a71fc4cec407ca0420c6561cb53a439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:16:48 GMT
x-content-type-options: nosniff
age: 125016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58200
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 22:19:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 00:16:48 GMT

GET
H3 200 rnCs-xNNww_2s0amA9uCt13D.woff2
fonts.gstatic.com/s/spectral/v13/ Frame 603E 59 KB
59 KB 482ms
480ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spectral/v13/rnCs-xNNww_2s0amA9uCt13D.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fc62f0847bbeb2b050932bc04e8d60087955e2bbe3659fbe89408f4c62f2f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:01:29 GMT
x-content-type-options: nosniff
age: 309535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60648
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 23:19:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:01:29 GMT

GET
H3 200 rnCu-xNNww_2s0amA9M8qsHDafY.woff2
fonts.gstatic.com/s/spectral/v13/ Frame 603E 63 KB
63 KB 484ms
483ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spectral/v13/rnCu-xNNww_2s0amA9M8qsHDafY.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1382decc32857b4dc59faafdf57088d9f6917b18ece82cc47f84010224008c05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:47:32 GMT
x-content-type-options: nosniff
age: 119572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64164
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 22:49:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 01:47:32 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 89ms
88ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 11:00:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 41F6 42 B
64 B 271ms
120ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsti_fq78NJFkAjbi2RyjjSAIhRLqDSYSDOq0gENWTFztMSY8osiyrluc2Fcoaf_dnPRe8A9C2Jv75U6F7RgWubEymBb3iXEL-yqseTHw3eu1MljCWTdgmxygQnBRIc0b-dWDezw5nIue54k&sai=AMfl-YRr-hmc7qmRhCy6gwBszuQq5gXfgxoHlLFd0CaSlXaUWi7oDcXkzOVx1HA3gSGE4gyKmObxWlVf5SS3-NNZSIdKC3Lv0Pluv530ELExRJnhfEGr8ZVdrzuujkWmu0M5JRub5KB947I&sig=Cg0ArKJSzMsszHcj6zY7EAE&cid=CAQSPADICaaNfxvUwR6HEMPUF76a3TN5rFzPIQfONvFmb7xY9QvM4X3-T4ObaVtqU7g6I6JnNPTUFEj-MG056xgB&id=lidar2&mcvt=1001&p=0,0,120,1050&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2909568660&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701601222612&rpt=1169&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 278ms
278ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/heho_tw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 11:00:25 GMT
x-amz-version-id: null
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.25
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Sun, 03 Dec 2023 12:00:25 GMT

GET
H2 200 recommend Show response
tw.popin.cc/popin_discovery/ 115 KB
55 KB 1177ms
625ms Script
application/javascript 119.63.198.189
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.popin.cc/popin_discovery/recommend?mode=new&ad=20&country=tw&url=https%3A%2F%2Fheho.com.tw%2F&&device=pc&media=heho.com.tw&extra=windows&agency=nissin_tw&topn=50&ad=10&r_category=all&country=tw&redirect=false&uid=58b905f073c627fd9611701597624931&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTE5LjAuNjA0NSIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii8iLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiSGVobyVFNSU4MSVBNSVFNSVCQSVCNyUyMC0lMjAlRTYlOUMlODAlRTUlQTQlOUElRTQlQkElQkElRTclOUMlOEIlRTclOUElODQlRTUlQjAlODglRTYlQTUlQUQlRTUlODElQTUlRTUlQkElQjclRTUlQUElOTIlRTklQUIlOTQiLCJ1c2VyX3RkX3VybCI6Imh0dHBzOi8vaGVoby5jb20udHcvIiwidXNlcl90ZF9wbGF0Zm9ybSI6IldpbjMyIiwidXNlcl90ZF9ob3N0IjoiaGVoby5jb20udHciLCJ1c2VyX2RldmljZSI6InBjIiwidXNlcl90aW1lIjoxNzAxNjAxMjI0OTMyLCJmcnVpdF9ib3hfcG9zaXRpb24iOiIiLCJmcnVpdF9zdHlsZSI6IiJ9&alg=ltr&callback=_p6_9ac27da7fa86
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/heho_tw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 629aa8443026d1acc08604f2d6af002611096512ead4434a069636466d7c2447

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:25 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.13.5
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

GET
H/1.1 200
OK popin_discovery5-min.js Show response
api.popin.cc/ 156 KB
43 KB 597ms
596ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/heho_tw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 775513625d482ba9eacab66da77d2b02d5d7f15788c270bb1295add4926c6284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 11:00:25 GMT
x-amz-version-id: rMjFgUNkSodLPiS9pNV2rTlSUT0KRhgZ
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2023 06:45:28 GMT
Server: nginx
ETag: W/"dea14647ed42ad93bfc3d619993107a4"
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Sun, 03 Dec 2023 12:00:25 GMT

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
222 B 835ms
275ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xOTkgU2FmYXJpLzUzNy4zNiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiaGVoby5jb20udHciLCJ1cmwiOiJodHRwczovL2hlaG8uY29tLnR3LyIsImxvYyI6Imh0dHBzOi8vaGVoby5jb20udHcvIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2IiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMTkuMC42MDQ1In0=&t=1701601224934
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:25 GMT
last-modified: Thu, 13 Dec 2018 07:32:33 GMT
server: nginx/1.13.5
etag: "5c120b11-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
222 B 834ms
274ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImhlaG8uY29tLnR3IiwidXJsIjoiaHR0cHM6Ly9oZWhvLmNvbS50dy8iLCJ1aWQiOiI1OGI5MDVmMDczYzYyN2ZkOTYxMTcwMTU5NzYyNDkzMSIsInRkX3RpdGxlIjoiIiwiYWJ0ZXN0IjoidGVzdF9hIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjYsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTE5LjAuNjA0NSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xOTkgU2FmYXJpLzUzNy4zNiJ9&t=1701601224936
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:25 GMT
last-modified: Thu, 13 Dec 2018 07:32:33 GMT
server: nginx/1.13.5
etag: "5c120b11-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H/1.1 200
OK popin_send_cookie_set_fail.js Show response
api.popin.cc/test/ 14 KB
4 KB 293ms
293ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/test/popin_send_cookie_set_fail.js?20201223
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 11:00:26 GMT
x-amz-version-id: NVPBtcLlaQ0R5YVGUD48RBS0d2V00MrK
Content-Encoding: gzip
Last-Modified: Mon, 11 Oct 2021 03:29:29 GMT
Server: nginx
ETag: W/"27aab2e5fb58e044704790074416e410"
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Sun, 03 Dec 2023 12:00:26 GMT

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
222 B 275ms
274ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImhlaG8uY29tLnR3IiwidXJsIjoiaHR0cHM6Ly9oZWhvLmNvbS50dy8iLCJ1aWQiOiI1OGI5MDVmMDczYzYyN2ZkOTYxMTcwMTU5NzYyNDkzMSIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjllOGYwNWU1LTdlMmEtNDMzZS1iMGI0LTY0NTg3YzA2YjI5ZiIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL2hlaG8uY29tLnR3LyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xOTkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiaGVoby5jb20udHciLCJ0ZF9wYXRoIjoiLyIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjExOS4wLjYwNDUiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiOWU4ZjA1ZTUtN2UyYS00MzNlLWIwYjQtNjQ1ODdjMDZiMjlmIiwiYWJ0ZXN0IjoidGVzdF9hIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1701601226954
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:27 GMT
last-modified: Thu, 13 Dec 2018 07:32:33 GMT
server: nginx/1.13.5
etag: "5c120b11-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 log.gif
r.popin.cc/ 35 B
186 B 896ms
292ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-tw&uid=58b905f073c627fd9611701597624931&url=https%3A%2F%2Fheho.com.tw%2F&t=1701601226956
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:27 GMT
last-modified: Thu, 29 Aug 2019 01:24:26 GMT
server: nginx
etag: "5d67294a-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F9DA249CC0A64275A2A7E8DA3F9E793C&RedC=c.clarity.ms&MXFR=29533C461DC5662F3B572F9A19C568A3
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F9DA249CC0A64275A2A7E8DA3F9E793C&MUID=0272134714F6601E2FB2009B159D6181

42 B
441 B

49ms
48ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F9DA249CC0A64275A2A7E8DA3F9E793C&MUID=0272134714F6601E2FB2009B159D6181
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:27 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 22422151461D44B5ACF524F6A28DE697 Ref B: FRAEDGE1510 Ref C: 2023-12-03T11:00:28Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F9DA249CC0A64275A2A7E8DA3F9E793C&MUID=0272134714F6601E2FB2009B159D6181
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 127ms
127ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f62cf39f5940b84d3a21ebee86197a4a7ab517f998d556f144d3f84f362d4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12443
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 11:00:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5324 13 KB
5 KB 81ms
78ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 62793
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:33:55 GMT
expires: Sun, 01 Dec 2024 17:33:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FD11 829 B
559 B 93ms
91ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7dc9d72ca34c26ae0d5bf9a14410282f79674a850fa483e18cf7b3b63c0dff7e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sKxXOlpbW2jvc96UJCaP-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sKxXOlpbW2jvc96UJCaP-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 11:00:28 GMT
expires: Sun, 03 Dec 2023 11:00:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 60ms
59ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LDJQEPLLSR&gtm=45je3bt0v877969751&_p=1701601221858&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1181362518.1701601223&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&sid=1701601222&sct=1&seg=0&dl=https%3A%2F%2Fheho.com.tw%2F&dt=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&_s=2&tfd=7950
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LDJQEPLLSR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heho.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 11:00:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heho.com.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5324 39 KB
15 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 17:33:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FD11 0
0 116ms
116ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=598861414938319&rc=05ALb3HLeozgU4alBKJK5BpzfVk1BY9elvMYJKvSHhqVaSdTQ7oujCd_oKTdDZLwSwtGs3fBNUbt7-k-vhkMSpD-qB0e02uFhzK-TT88y1PzjrxzBXzZQEEur7J9JB-HNeRZ57zpcGehv-Umfq3qLBS4pXZ2Ia8djFDKcXPTJL8vx-MfVFVb-QBgYpaq3j
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5324 0
10 B 78ms
78ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AqisHQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:00:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 114ms
114ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=598861414938319&bg=!wsGlwY7NAAY3kmNgF5I7ADQBe5WfONUYr1x5nF-qmrHhMys7zdcwZeF31GEL87IUda9usfYWEQE9EkQnTxgjGtVEgHaBAgAAADlSAAAAAWgBB5kCyv1a1ZAI9lNiW1dhILqpbnLILdUh_wyYEADG0j7NGedQoOnMGUKaGwt-yBgAP1b_xNoU2NeAHJkbQNuF7vK9E0dMGyv9psmw_WsjGmLYcP6rrEB6WmrFd2Q1neuoZd3Rgo5IAKnaUnkKv5xy5eYkYz7JEdb7ENTq57kbKfnipcoA9UtCBl1f9254YeJKOcmXkqklDBM8k_e6TMdVGc4iwQjwiWtaXKB8LUWWDL2qMeevzH1GdyEV2QqxalOPWb5SyNwjYugNfrlBYwJM08bvzhS-LA9Y18RzGXG4kb0Aiu4KTyA6VDHC4_bQUHRRLHtylR_UPNF8VnD_uI5gjG9Lbp9vnANRbdhdf1AANLRGh1zeJozNYDHuPDbcalf5zUlsVah7dlBi9ZvITdGrUPTGAMa8YrC0rDazcHuFoN_vx0wp8FpxOZJwCPJY0sINXx2VJwgAPEq0kjBQgwjTuwdsndeU1Ybq62lpwYZ-AKCE8cTelqmelul2WdEulOzGmCdcZ0Qk_vTSP-OJgedJjs4KSc0YKIbIhyXegxi7GBssURpbck7H81xWCwigOLtIgE9-edfCQAU_wcqJNRmUDOfSCOSKkZJPiq0thn8mD_cLfLxr_BuCNEymou6g10h_CzFIAyB-9p4DJz5dMxn0ZTMvBny371JIS5IVsLJHXF6g-4YF45Lx1k9J_BKiAXTevTPkdHwwlpZ6QAU8EaXILCq-tyC8SB2hWQSGJcMxIQieu1ap0SRC7lS-QLLnIjV_AGSo-2ImiX-8INj-nmB9BJltRR4_Pkqq35Fx39OYAyYhc4x7YyQbbhkH6ZUsIw6a4BQXLkJyeP_aUwZ8Mmj38CnkivOhgsKAMPC4C-TRIzZRrmC2FnWgZBAunJnKUpafPUPUUGVXDTfyNYcE4iBswr7xf56IIwFvVI-iMFxwfNZLmoiL8NtJKhKoZnYJkQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: v.clarity.ms
URL: https://v.clarity.ms/collect

Domain: v.clarity.ms
URL: https://v.clarity.ms/collect

Domain: v.clarity.ms
URL: https://v.clarity.ms/collect

Domain: v.clarity.ms
URL: https://v.clarity.ms/collect

Domain: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw

Domain: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305/heho.com.tw

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305	1970-01-21 02:16:01	Name: heho_cid Value: 2988629d-58b0-4e17-b3ad-077d135e3104
ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/c8bf2ec6-2596-4ee0-be98-31fc1a831305	1970-01-21 02:16:01	Name: heho_cid Value: 2988629d-58b0-4e17-b3ad-077d135e3104
.docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA	1970-01-20 16:40:04	Name: S Value: spreadsheet_forms=nWa8pumbDFL2W9b0oXGUvyakJ9KNq6R-d5L1Mq-nEoU
.docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA	1970-01-20 16:40:04	Name: COMPASS Value: spreadsheet_forms=CjIACWuJV4hmBO49XLIvhB0j0rngwr2AHA_NhAXGAMSAz6v4GD7wJFxM-VsghrT-Vjn43RDW27GrBho0AAlriVdsge9qpsEXkbUp1VeLXVoNbNq7zc5Mck89JYYRMOwMRc7GRqp2Vt5E_ffNvT7B6w==
www.google.com/recaptcha	1970-01-20 20:59:13	Name: _GRECAPTCHA Value: 09ALb3HLc3ymq6V32fdzGYB2uIBZ4emIy3IhiKiattd8uj17T4RBF_dg8kU-1X8pcxLPxKf8mkmxENZcSGPqjKsC4
ml.oxra.com.tw/ox/mkt	1970-01-21 02:16:01	Name: heho_cid Value: 2988629d-58b0-4e17-b3ad-077d135e3104
www.clarity.ms/	1970-01-21 01:25:37	Name: CLID Value: bcf37893006641a0be670f1049734f6e.20231203.20241202
.heho.com.tw/	1970-01-21 01:25:37	Name: _clck Value: 1xn5bf%7C2%7Cfh8%7C0%7C1432
.heho.com.tw/	1970-01-20 18:49:37	Name: _gcl_au Value: 1.1.511695047.1701601222
.google.com/	1970-01-20 21:03:32	Name: NID Value: 511=pyn0Qb1A8K-ccyjhqwOVOPZ-QmuF2DZ-kgKRX6CZJ3HfRG6a09XGc-GBIPZq59YIOF7WBDcIFaiDSGDhszMUhREPhM8UsLmLRDaKFm2iUpG11DweyTkBh5b5vSlwSR8f53D12uQofsqEyBRaZqGA0U7ArXsb80XMnNtHZ5lCnUQ
.heho.com.tw/	1970-01-21 02:16:01	Name: _ga Value: GA1.3.1181362518.1701601223
.heho.com.tw/	1970-01-20 16:41:27	Name: _gid Value: GA1.3.582363268.1701601223
.heho.com.tw/	1970-01-20 16:40:01	Name: _gat_gtag_UA_105027460_1 Value: 1
heho.com.tw/	1970-01-21 02:16:01	Name: heho_cid Value: 2988629d-58b0-4e17-b3ad-077d135e3104
.doubleclick.net/	1970-01-21 02:01:37	Name: IDE Value: AHWqTUk3Ch4A1LeA635CK687ri-EYKvc_jnSDJP-e3XFbK2K1XQGMyymDdMW6A3JnAE
.travelaudience.com/	1970-01-21 02:11:42	Name: _tracker Value: %7B%22UUID%22%3A%22320EBB4C-C662-4D52-103B-2963E98F9375%22%7D
.heho.com.tw/	1970-01-21 02:01:37	Name: __gads Value: ID=3d2bce9403804f78:T=1701601222:RT=1701601222:S=ALNI_MbNRqLF_hiitCX7zXpZKK0ntVVBDw
.heho.com.tw/	1970-01-21 02:01:37	Name: __gpi Value: UID=00000d01d366bc89:T=1701601222:RT=1701601222:S=ALNI_MYuAuJdD0jVYKFNC2l0yf8A4zaOcA
.simpli.fi/	1970-01-21 01:27:03	Name: suid Value: 46C41117691F4D168A58B311D7045365
.turn.com/	1970-01-20 20:59:13	Name: uid Value: 8467928880892167859
.everesttech.net/	1970-01-21 01:25:37	Name: everest_g_v2 Value: g_surferid~ZWxfxwAELClNbABd
.doubleclick.net/	1970-01-20 16:40:04	Name: DSID Value: NO_DATA
.heho.com.tw/	1970-01-21 02:16:01	Name: _ga_LDJQEPLLSR Value: GS1.1.1701601222.1.0.1701601223.59.0.0
.quantserve.com/	1970-01-20 18:49:37	Name: d Value: EHsBCQHJKoEA
.quantserve.com/	1970-01-21 02:10:15	Name: mc Value: 656c5fc7-b6e28-d3540-db5d1
.ctnsnet.com/	1970-01-21 01:25:37	Name: cid_6949d584bb3f484e877b52987ac984ff Value: 1
.ctnsnet.com/	1970-01-21 01:25:37	Name: gid_CAESEK46G6bOke0NObq4cnxbd4g Value: 1
.ctnsnet.com/	1970-01-21 01:25:37	Name: gid_CAESEIWFH90EoppWjFAqOWj2NDM Value: 1
.ctnsnet.com/	1970-01-21 01:25:37	Name: cid_9f46b6e027204025891a53566661ec13 Value: 1
.yahoo.com/	1970-01-21 01:25:58	Name: A3 Value: d=AQABBMdfbGUCEOO9Cd8onIbOBQdHGPOXw34FEgEBAQGxbWV2ZQAAAAAA_eMAAA&S=AQAAAlBjdZw1NQYiu3F9eoPduJk
.tribalfusion.com/	1970-01-20 18:49:37	Name: ANON_ID Value: asntuJxZduB6RApTrqeUpMvvjLQ9lQ4C11QfryNu4vMrb3dEGcWUrMwmOr7bIB0LZdFXToZcXRWad3bQj4EWGkVqRca
.googleadservices.com/	1970-01-20 18:49:37	Name: ar_debug Value: 1
.heho.com.tw/	1970-01-21 01:25:37	Name: _ss_pp_id Value: 58b905f073c627fd9611701597624931
.heho.com.tw/	1970-01-21 02:16:01	Name: _td Value: 9e8f05e5-7e2a-433e-b0b4-64587c06b29f
.popin.cc/	1970-01-21 01:25:37	Name: uid Value: 58b905f073c627fd9611701597624931
.bing.com/	1970-01-21 02:01:37	Name: MUID Value: 0272134714F6601E2FB2009B159D6181
.c.bing.com/	1970-01-20 16:50:06	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:01:37	Name: SRM_B Value: 0272134714F6601E2FB2009B159D6181
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:01:37	Name: MUID Value: 0272134714F6601E2FB2009B159D6181
.c.clarity.ms/	1970-01-20 16:50:06	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:40:01	Name: ANONCHK Value: 0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
javascript	error	URL: https://heho.com.tw/ Message: Access to XMLHttpRequest at 'https://v.clarity.ms/collect' from origin 'https://heho.com.tw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://v.clarity.ms/collect Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://json.geoiplookup.io/ Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://heho.com.tw/ Message: Access to XMLHttpRequest at 'https://v.clarity.ms/collect' from origin 'https://heho.com.tw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://v.clarity.ms/collect Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://heho.com.tw/ Message: Access to XMLHttpRequest at 'https://v.clarity.ms/collect' from origin 'https://heho.com.tw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://v.clarity.ms/collect Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.travelaudience.com
api.popin.cc
c.bing.com
c.clarity.ms
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
csp.withgoogle.com
dclk-match.dotomi.com
dis.criteo.com
docs.google.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
heho.com.tw
images.dmca.com
img.heho.com.tw
ius.ctnsnet.com
json.geoiplookup.io
kids.heho.com.tw
lifestyle.heho.com.tw
log.popin.cc
match.adsrvr.org
ml.oxra.com.tw
onetag-sys.com
oxra.com.tw
pagead2.googlesyndication.com
play.google.com
pr-bh.ybp.yahoo.com
r.popin.cc
r.turn.com
region1.analytics.google.com
s.tribalfusion.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tw.popin.cc
um.simpli.fi
unpkg.com
v.clarity.ms
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ml.oxra.com.tw
v.clarity.ms
119.63.193.220
119.63.198.143
119.63.198.188
119.63.198.189
13.32.110.123
139.162.79.137
139.162.82.98
142.250.186.162
15.197.193.217
151.101.66.49
172.217.16.194
178.250.1.9
18.184.108.41
20.114.189.135
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
23.35.237.56
2400:52e0:1e00::1081:1
2606:4700:3037::6815:1994
2606:4700:3038::6815:ebd5
2606:4700::6810:7eaf
2606:4700::6811:190e
2606:4700::6812:18ad
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:801::2002
2a00:1450:4001:802::2004
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:830::2011
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:4005:802::2003
2a00:1450:400c:c00::9a
2a02:fa8:8806:13::1400
2a03:2880:f084:d:face:b00c:0:3
2a04:4e42:600::649
2a05:d018:d29:3605:e656:41e3:3e80:bff1
34.149.230.38
35.186.193.173
35.190.0.66
35.204.74.118
51.89.9.252
61.219.68.119
68.219.88.97
0191ae3372503c03f15583d80e0e27deef41fc8018cb3702ddf0db157c69aa98
029021f9df9d250bfc5442e10e72bb7fcc37aef687080952a051aa4428214f15
07598e9c2aae44f349f488e73a31691f1f0f8c5eaedeaa69f2bcb56efa59a934
081a9357e5da041fc09dbef6c0abaa986251670aacbc6029228d37f34fd1fe25
0936663800d5b0b15c55119b7233550b490d21dc962d8947da9bb55d11d38f02
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b35f88d468214d1e8ea6b50a1161cddd4984b46d3c9b13d05f00438bf894083
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c116c74efa19439bd2e6ad056ee930d82c0c8ac55330bbc5a9f63885601dec6
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0cecb66bde508c9248d803c80e120330c2390474f21df544bee4d8d34b22810e
0d320ba6f0ff470d96a58d32124a629533d02fad99fa8d48191774292c6af86b
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10505df86b3638be7b5707a542c0c7c80ed856f14e037bb1c64bfaf712b0ab75
10b6fc407ad68085b7ea80a7f03939ed11b4ad702c3067ff89bcd8ee26320ea6
133bb5c5af6b43d96660ff65f46464f2a03f7d0deeb8e2a1f8e0aa7ce6770120
1382decc32857b4dc59faafdf57088d9f6917b18ece82cc47f84010224008c05
14f880482da8a65732322f1cc972412501c1d33d35edece8f4aba96fab40c3b6
14fbfa60db0ae60f86714e73ee5a3bee3cbb68456fdc684247c64ad66e8d4f82
171d4c2505ae91856b2fe01ef5154d89feec1591421b5ee67f6ef8c0f50649c6
17406c4e4926c81dcd8f3832b79428ccf82f5a3af17c03afd0e37f13413851b7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184819cfd66eee3bbf756a609a0ea8034f09dcf8c68cd817b08358d8e5579ca3
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d928bc852bb5e7eb2285ebf5f535ffbedb0de341cf97b01e106fe5f4cde7009
20a3bf52be657d048a21d70727caaa41611e9d8ef79c89d88c78949ee41a162a
220bb5d720f88a8aeb5ebf4549d8338fd6df4ef57a542c538479349f7d996dfa
22bd7cf3246f1ba3c6875d4099495f7915382811d89d27f1925a9fba8078b730
23d3e2a2f611d4701ccd7472e8a00b46cc96a86cdc7acf1c610140aa6a013a98
23e4a995297af6d7e3abf5dc3212a2390efd61c55e15aced428ed4508654fe47
2406d76626722b18de4fd9e814ce615019442dc8ae02a1c3794ac7b4336338ad
2706dfabcbaaf2dee90c3a10c168d5f5691ce787dcae9e77cd038f66b08fc4ba
273864a943d0ff0ab1b4861c83635fe7c7fcaa496d81862552923c614639b12f
298b8daa7c02055bd4496270bb4ebdb6116a05a47cfc7425cab63acc83190423
2ad96fb646950e0d23ddcaef87b9cb6b032847aa2e250a3d5a324ec96e1c707f
2f6995a0395179c9dd731c85aa08ef73fb09ab0b6ea2e889eda95f9747e069c3
308bd8594b227122898d10838a3b719f545cd4ba4f02a408fc0b7ff43f17ca30
31594918e6093b22f7d61e9ef00fe99af5de221a8e7b039517c38bb140fa6d95
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b9e0ecfe714f58dd623394ec5ee9ad6f4bb906c21ca6cbe492d08a5e460243
334e702012cf0d8dfdbcfe2a9ff9e70032ca59cad3573f01454a3e1706131f5c
33ea7445e374a6aab69f4e13ddbc9fc0e356c731e2d1f093619b93d4281bbe2e
347b8e3e68694a70f4b024cdbee7fb7ed5f98c19d0dafef6b8f237191c796f03
35bbc7f2906050ec0d11b2fce351bd780046963e8d06fa3b3a396d7fd8c0076c
39b2a26dc249d0368798ce01da3e9785958eb925e608eb4729607f10ecf51241
3a3444723e0dd36e3099deb59133ba82203985f1eba230a07e7ce8eb43b1e1f1
3a6c1001c36d7f2f8ad4df369baf38217af3adaae94a5625651c05f4c3a38bd3
3a8566c410bdc9c4b1a222d4e198c179255893accb662ed34ac308c39fc01bac
3c1d1b09af9ea0e4a497cf8f1baaf915bb032eca2ae369869566282d156cb25d
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e92624ff29d44c47f313d24e815f4f9b1ee01ceb5700f6fc9eb3baa215159f6
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4524691b7547d0d9f1a34ff172d940bedafd7725a14a5bd1121807b7d993bffa
45ec09974d948120c9f97cbedd141f4fa8df876bd2206f0c41133ae3a13fdf13
47f1d0dc5c8ad11e9fcc9fb81023552a39854dfe3a8f67609b8ea44c1685c3db
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48d68ba83268a7d5262f2af34a516346aa970e5212d9605664c6dc390bfed129
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4c5b8402d2e7e4e42031b1453ed8537fc76ac84e646e7fe29f0b2963e3a25488
4d6f268fafb58c6446703ee4d09aedba5b6a7d3a59261da328d75d5115fb11b2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53b183e10d8c5db234637e82bef4014117bd41c956c69af55fa0165a7be31666
5448b3df7fca1bd7f1ee6c34cab7287342978c1634a216dcb055faa92ffef9de
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54efcb5570863b2329c2c677749c85c7ed337f5c16bf38caea17807196150293
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
577720b3510897fca3bfe22da77990ae5e29eee049e1a1420490c5d3998cb436
58414c45ff47ff8f78077f75d47fb1c08143c46e500536ccb407fb9a031d3da7
58581d2843a819bdb10d344dc4cb9e5a5c899290646318fb064b50608c23d483
589ee426ccb7b86d8643b16efc0acbd99cb9590e1237cbbb694eba36efac28e2
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bd95d97908d15bffb7bee4ac7fafc2b7c19de43cb27447eb8ea21fd72d476b4
5c0243aeabbf9c2f5353f0f043cdfe582305ce9232dafae04789f72ad8b8a2fb
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7
5dcebb5ec80a2ddab469a77f1a37412c34205ef76d054131083b0bf663b786fb
5ee1925de22baa2ef5bcb426a76da601c7a094d4d87cc8703b80db62ac2452c1
5f338abba8fb7cf686b9a4f785fedd4299709cff3e365eae3c61eb0e507c417d
600db4b0c037c60bc7cf0f6508cd29ff8d97e1d02267a626b444a28d7c75d298
60f4bc6d7145eac78eacce4c985befa2f47a66af0fc33f5e5f99f43cc2c080f5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628c59f981225e7474edcf942e8ee8cccb89278b83750e4c8006aa75d7f9dc52
629aa8443026d1acc08604f2d6af002611096512ead4434a069636466d7c2447
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
66a070c331573aa324fa2deac1a1b42b2d58e9660268555ee382d857e651e33f
68425336934a956337b4593a3d47d51d2970d03ac4a9c9fc795596f13eb21775
68c3f849762d80f759a7702f52b6f9c432173951d7d5e830c98cedfdeba5e53e
68c6f2b56db50efe9ee121bb0705283af79881d6fcb848a4e5674dd287344c31
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6ad6b8b2dd661ae7182bde4de0a90cdfb0d06d3451102d5d5137c340c2b70a3d
6bba06493e9d01e72d0c0acfbf64abbf9f9198dbb7788285bf8d7b9005d0588f
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6c00994f426cdca41eb2fbd87b0f3610e37acb3d641b4297a5cfa3e969cd95ee
6d3d2a8652d7f530292005dfde3b2ef181d003a53b3dd06f73d223e9d81d546c
6d7fab9e736b5a64ab2fd063444bc8737b54f6e0a559c2a6a04149d952a75017
6f8f0d78c296031efe8b806ec25620e2b7c71b5c29d6ee877f593089b882179e
7046618f6555847e4c8d7fb47584672aab889faf9ceebd6d871074da350615c9
725433fd99ff2c6146ab607f69d833fb207db0167a1886481e39b79da8728d98
738465a35668cea4cf13644bbaf6eeb18dfe494d6941a242d138ee87280c8a9c
74d4d21ea731e982d339e2341bebcde40e7abd3c43e6955a51d13c68d105f9ca
75bab248ae90650bc4ae24be3c0f261c31976f24495057848ff473ad28f41740
7615aed2ed8f1361d3aba2b6ce6612468463e660e8bd4a4302b24c113ec57308
775513625d482ba9eacab66da77d2b02d5d7f15788c270bb1295add4926c6284
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
797dd891b6f03158206e00fa2386d8f75437b7dcf734c1e9cd4874305c2e3d9b
7c7c81ec43ffc35a71567094e98836d7545681a399618661c8f1eb202b580206
7c962d6b55e524fbd4d056d9417afc3f15d56c09df24de4217a3faecd27afba8
7dc9d72ca34c26ae0d5bf9a14410282f79674a850fa483e18cf7b3b63c0dff7e
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
80083bb74056d4ea185160dd596de5a63d5ed834778a5d7f7e4e843ba4421345
81a688b4176e331aa476e169d461f97a6034f64436c4c8457b3e9d1534abf470
821efb9b0f85eb5ed3903a73c7d5a71b997661f4daae99e3a13cbade1518d356
82b91c403bb4593185c877340c69d6b279f57903e9ebeffac57536b748058d5e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8341e035f8572a07e1afa2e95d48bf9a97d33844e27e4300bb8c0de6e172211b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
867352b1c82c47d71a11744e3886441a848780dca87928bac596e5f3473bfaa3
86d3787dfcab7706fefb343471c30af045cb274fe2b31203f16dbf4df1a393b7
87b18f50b21e8e3e68778d553e17395f44f3d18bcf9d664f852e9a7d515a6c10
889aad1463a00bc7c4fda2a94819d09f932bde81010eaa9f7b9f74402f3fc579
8c089632f2472d720775d3f5d81306f073905aded8a9a2ce493a4c516984c5f5
8c784e0a746c79495f6389971b2f60ef425d4d98a1ab85b9945e31a41e2fe9ed
8ca1eee7725d016477dddd403b78c514438b1d2cd58545b4bc9fd6db9647d83d
8cc3cce7b52175a0e42f8b92d45322ebaa709d227f9ec52643e75410fda94b06
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f54070450baf09b19fdbe1d661a5b05eaec9b8a60353a4cf91ce60df518469a
9166139867849f520e589e2539331b7a59c0e2bd96b52c277d15461643b2ce9a
926820f185b15731023eb5573e470b2fc52fa7c7719ba68de547ec3a99ea4db6
9320b3cdf4756eab8412ee5120bc5af5524c9030de78136fbc42b7e40814289a
950738e693c765f0c3a7fcd54935f7c767089f075a698d7ba8cc43a6097dda2f
95e18e2366fa470e629ba4f8e53062b8ac9a5de93ed8dfc4803dd5a25532a39b
96992974bcd03f1c7b414fb16d7a7db3d9a85e39dcee3ee7257a20cd766018de
97d695e62a2f6236c29b6140648edf58d03a448cf69444431114dfcb8db866b8
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
985b3bcffaca82008af6fbae8e61658cb5154c104561967e0b1fb91305375555
9996ece096f1a0a0a480e2a9ada6ad692c59b562370dd189bd75968dbd7a0f9e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9afefc6356f7a01fa5d0a8b69c8a39cb3709795753e96ad09bad19b21b0b658c
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9c9837dd0a50218aac53dee373e4167e0a2edf128136d31ff2d89add6c5fed8e
9d81818ee4513a1dbc74d17b8dcec5aa730a70ceca96b75a68ad007554e01cc2
9dd51d0ad0444c841f5c9260a62e9275510fb464d8da85e2b970299913b8bc1b
9f080d319cc1440fa93f6f9b729d624797f7c91f16165b64576fadaa5bc6db96
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9fc62f0847bbeb2b050932bc04e8d60087955e2bbe3659fbe89408f4c62f2f7d
a076d79ed14cff54c3ece7a41c43bf5b96154cc8c194ba252aea6f5c3830cfdb
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a4caf0e36dd19c395a07167bc67d8f38c73263c10ff786db363c5f0b5c8c7abe
a535ba09ab809d987eb451502fe1d911ed8959328eaa381ee0bcbeaded320c78
a5b17f07bd0d24edb3a5883b7fc3e77b39be07cd99131fbd33b7873fda49b165
a5b81e95b3a4dbbbfd469024ac03cc25662c626c787cc0d3808adc2868bd0dbe
a631f36b97689ffb94afdaef8032e78479d469894a2b18f007dea806dc1172b3
a817a663ee912ccf67f30d9cddfb563e15efdabb3de65fe491abdfbea5c6578f
a9ed2dc63202e8e1e06cc22eb23d39212a36034d90dbc76274ec7f85deb1d3c2
aaa699bffde59485dd19fa60a333645a0e56425bf560e2c42b54938bbb286687
aada1ac84edc0a0f678a12e87b835b9c5a71fc4cec407ca0420c6561cb53a439
add6ddd7fee32d58eba385983ab7dcc9657ad97cdbd4bf4594db38675847edb4
ae4ca9b9303fc55a1053c3a796249078fc00d2389cf2f4b1f006bb19917e3bef
af9ec9a489ec63fe87954ad25bdedfa650743358a7d4046d1bef5767270a88f3
afd50883e5a14dc60ab697ca8272c575fdaca96c69eb11ff5edc092752520d6d
afd7b4ce1230fc5d6cb58daebeed6bcd09ebee1e4414367596bc3bb33f62444c
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b1de6eac3059ca778e6d2367182c7f11edc81e09971e56f788db308a674ea7ec
b2d715cfe84dc6dffc61288e0a1ac6901e9ce71b50e08a0b71c1d6c20c135940
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b6ba6d140a0b4673d579dd5cd2428521d9141c946dcb02884c0c5a3b3913cd7d
b7414b46962c0142ab4b8b26473943aac1db88fac3f9011004107c18513985f5
b91a5d0c93ab9e0c055f1e0d6ff22688984670591f4853b000454b703fb2fcb7
b93f4669cc09016e4d1ad1836a4cd1ebcf832c22979e5fa11db4f7c3620223ae
bbd98aaaf11a21804cbf7f5b10e7ef9a80c30a47840b7b1dfa51a84fb298ffad
bc3fa17b0c4f879f13a223996f66eb9fad7c84385b2967e3781a3680a6e6a811
bc425300c8a8a921a3d481e8b2395ef3c6cac4333b7326ceb1f5963fa6102b77
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd37899aca2011cdf18276fe93b568460f41a8a9aa4af0dedae29e28e0f7cc8b
bdc4624041972901a92c9227733fc7679e8e6a4ccab765f9d06e75fd6c621d9f
bec887feaec684bbc55998c457617df16605234f032386cd8068ad2dc8964a5c
bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059
bf54ca999785e94d3692084aedd7379cdfa4f722acc00c50b937ff30f830122c
bf721c6995366adb25d098fe2b901999ed3a750a2cd7d0f57f0e9d85af2aee29
c063fc54a4bcec5e67e63ec0c5fb62be66be35509203e143a97de4e7eae0e4f2
c129c2c42b2f1d5af9bd5b9858f0eba8215ee3ebf61fbc99866e107b2c0af4b5
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c201bc004adfc1a633af5632f87f33e1656cb4f457f95ba5a5a84f0b57088d3d
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c3525fca875bf7203e92f116e0c5532dd5b5fe0f0ca5e12c6c4c8b9bd77566e2
c37959ecaf7cbc7222f9be9dc9004783aedddc45b3e145d4b1a974bba439a72d
c7b73dc2a43d6620b4ae7b1e05eea2342cf309352b4dcaadeb4491c5b72468e5
c8fb82df9421fa2de18e11b89200eeccb188dab713331f06c6c8782ad5ce5437
c9cd7546cdd1365d5d2e766c8a4a8c20c180beff5d8765e12e20da8fa208a1c4
cb1d125975da6683e4db07394e5035b0cde2782b389341bb577d2a274262e839
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cc93b0c6ccf01063b9788530ca2389636059624b18599de8edef8d4054255474
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cdaae795074ced24ad382f9f21c4f2e3443d3dc27bf6f75ab5cb43d54f23f009
cfe4b3384bdf0bd276d03faa954b58977064c3aa7199c946292f3d22f416fc76
d16a97a25c22e0a3666a93f2cc4dfb340df15a55dc32190f797ee748f2d7b3ba
d4ba92453033372b440e5e762eedec60dec8b3c32008f599b1c7f46376d64216
d5c4965a6e9c89dee7d1389167c821976bfbf55d80e7dcddfbcb5400b1ae01c9
d6160ac2857a97b2e8b68b394977418e28dc43947425deb37fdea506582787aa
d6567639db59dc67528a542b533eb95189e86f1d3cd82d865b72b09cbb2290e7
d71a472191ca500c7dbcdc6cf3bb86fada4c0b5f5b787a936e66b61f6288cde0
d8977152b314fcd5d04bec050367c0aafa91899501593e9ecb0d6090cdac29a6
db8faffb5e867554c1ab9b0edd0e11e8b5a3d4b9842d860a11646371c2b84d79
dcbaf64460b4db78ba16ee6230d2c90215dda58ce8c285348d624fe32dbc470e
dd2e459e4cf19c74d043b82b18e774ef8c4911c30b53fa2fda29042f930d81cc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b
dff004fc8dbe923a119063d7496d6fdaff1a25b66fbf9f8be3d0a9eeac0aaca1
e05fd4c39d2671d0febcf551364287a41d4889ca4692817722459ff34940ac81
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e2ecb4dd57033b4d5ce93ed5ee31f6e7ae13e0208ffed843a8a25809e6c186a5
e2f7fbd847620a46b260daa079ddcacce2e96d507bc686510677cb243f088245
e33b1e51ac94e9b191c6acd93da44002ea1e185dba1c51fdbdf376a96a983588
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
e47bf91c742fd9e32778e42257cde54b553f152cb5cc3a19eab97a8cad238c2c
e4e6a680e9036aaf31486a675e7ae117f53d2f3c3924240f26e0d57520e4204a
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5acbe17fd4e63cca2ce1b72e482fc2411d27d9d534476ad7f0108b9df087fce
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e98273998af7ba59db229a5997cd60b10fff987e60d89dc79654a50fa5daee02
ea457f0a12915cc9612ecc2a0c085b16c5cf8af109f1be1c7fcc358a9d52fbc2
eb3784f1997c28bfbb36eb06ad663cb1d9fdf53a5c849fbe500acfdc4c11b1f0
ec398ff527e3966bda830bc3afbccd7736d05b7e402a45899984c9631232510a
ec7225a083dd0c1d116bcc0e37375df8059d578b5bc6ccaa7522353dc3d803fa
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ee21fa3a8dd34931830b255fb301dec184add039958f2378ec534733b4002011
ef088734d15eea7d6e0e6835bc5502d62ddb3fbecb45d97127939bb0bd6cb1ed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8fea302c93f5619c53b4b7f8435c3d7dbaf5a4296593fb9f353e574c9b34d4
f16700a582fbcb0a4dce154cb5fab6fd32ed12a495c7e2678be5d0ad93e282c3
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
f4b76edee234bdf41e7a402bd58b3b35b00d327dc10dd2bfafc1ceaac1d49923
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f62cf39f5940b84d3a21ebee86197a4a7ab517f998d556f144d3f84f362d4a38
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f8cc03e63c2624c1e817c00f6dfb085759dcff6aa84c37fcd65050023fd582e8
fd39c5117fc14e408f4883b137ec8818042ce300d8783c0c34518732fb461303
fd8bed74936b7b0f1745b3b117cab8be5ec9405fb4771226270462e670b8d9fe
fdf44c84e33e64332bb97121e566eb096f411850877443b97c310e598ef10e72
fea32efefa901ef8406bee583dcea828fc0871ca38f7227475fc8d6a520da9dc
ff65c6a3b716ae696170f17006e5b017751677908e6b56b53a27379f7dc578df
ff8c9a38c906236a4025b752da6a83403df53f22f0fb8b88155b7b04a5229904

heho.com.tw Open in urlscan Pro 34.149.230.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

337 Requests

82 %HTTPS

61 %IPv6

37 Domains

60 Subdomains

50 IPs

10 Countries

11086 kBTransfer

17367 kBSize

42 Cookies

49 Outgoing links

Page URL History

Redirected requests

337 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

heho.com.tw Open in urlscan Pro
34.149.230.38 Public Scan

Screenshot
Live screenshot

Full Image

337
Requests

82 %
HTTPS

61 %
IPv6

37
Domains

60
Subdomains

50
IPs

10
Countries

11086 kB
Transfer

17367 kB
Size

42
Cookies

337 HTTP transactions
11 data transactions