m.xuite.net Open in urlscan Pro
2001:b000:1c9:7600:0:a:d23d:3827 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xuite.net/oklaqq
Effective URL:
https://m.xuite.net/home/oklaqq
Submission: On January 05 via manual (January 5th 2022, 8:25:11 pm UTC) from PT — Scanned from DE

Summary HTTP 169 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 34 IPs in 8 countries across 21 domains to perform 169 HTTP transactions. The main IP is 2001:b000:1c9:7600:0:a:d23d:3827, located in Taiwan and belongs to HINET Data Communication Business Group, TW. The main domain is m.xuite.net.
TLS certificate: Issued by on June 18th 2020. Valid for: 2 years.

This is the only time m.xuite.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	2001:b000:1c9... 2001:b000:1c9:7600:0:a:d23d:3831	3462 (HINET Dat...) (HINET Data Communication Business Group)
19	2001:b000:1c9... 2001:b000:1c9:7600:0:a:d23d:3827	3462 (HINET Dat...) (HINET Data Communication Business Group)
7	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
8	2001:b000:1c9... 2001:b000:1c9:7600:0:a:d23d:382a	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	203.75.213.47 203.75.213.47	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 1	2001:b000:1c9... 2001:b000:1c9:7600:0:a:d23d:3822	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	13.224.193.3 13.224.193.3	16509 (AMAZON-02) (AMAZON-02)
6	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
1	13.224.193.92 13.224.193.92	16509 (AMAZON-02) (AMAZON-02)
1	3.131.125.24 3.131.125.24	16509 (AMAZON-02) (AMAZON-02)
3 13	34.96.119.68 34.96.119.68	15169 (GOOGLE) (GOOGLE)
3 7	172.104.70.67 172.104.70.67	63949 (LINODE-AP...) (LINODE-AP Linode)
2	2001:b000:1c9... 2001:b000:1c9:7600:0:a:d23d:3826	3462 (HINET Dat...) (HINET Data Communication Business Group)
4	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
15	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
4	52.29.134.168 52.29.134.168	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::6816:8ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	211.21.190.218 211.21.190.218	() ()
169	34

5 2001:b000:1c9:7600:0:a:d23d:3831 (Taiwan) 1 redirects

ASN3462 (HINET Data Communication Business Group, TW)

xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2001:b000:1c9:7600:0:a:d23d:3827 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

m.xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:b000:1c9:7600:0:a:d23d:382a (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

img.xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avatar.xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 203.75.213.47 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:b000:1c9:7600:0:a:d23d:3822 (Taiwan) 1 redirects

ASN3462 (HINET Data Communication Business Group, TW)

photo.xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-3.fra2.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-92.fra2.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.131.125.24 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-125-24.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.96.119.68 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com

apn.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adx.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pmp-beacon.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.104.70.67 (Tokyo, Japan) 3 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1680-67.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:b000:1c9:7600:0:a:d23d:3826 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

my.xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
218c9fbc-ed6d-497b-8937-45d3c78cd224.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

web.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.29.134.168 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-134-168.eu-central-1.compute.amazonaws.com

prod-m-node-3113.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

cdn.js7k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.nl.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:8ee (United States)

ASN13335 (CLOUDFLARENET, US)

tenmax-static.cacafly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 211.21.190.218 (None, )

ASN- ()

dmp.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssp.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	xuite.net 2 redirects xuite.net m.xuite.net img.xuite.net avatar.xuite.net photo.xuite.net my.xuite.net	914 KB
25	googlesyndication.com 9339489a3603bfdcd3aaaeaf4ad3bb92.safeframe.googlesyndication.com Failed 708f07f6bfc9157b369d72371bb4ddc5.safeframe.googlesyndication.com Failed pagead2.googlesyndication.com tpc.googlesyndication.com a91c4c47ce4a68ea3f4f6df3e7d0d18e.safeframe.googlesyndication.com Failed	402 KB
24	hinet.net ssp.hinet.net t.ssp.hinet.net 218c9fbc-ed6d-497b-8937-45d3c78cd224.t.ssp.hinet.net	42 KB
20	appier.net 6 redirects apn.c.appier.net gocm.c.appier.net adx.c.appier.net pmp-beacon.apx.appier.net ad2.apx.appier.net	9 KB
17	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	462 KB
8	google.com adservice.google.com www.google.com fundingchoicesmessages.google.com	59 KB
7	jquery.com code.jquery.com	217 KB
6	yahoo.com web.ssp.yahoo.com prod-m-node-3113.ssp.yahoo.com	13 KB
6	sitemaji.com ad.sitemaji.com	16 KB
4	criteo.net static.criteo.net csm.nl.eu.criteo.net	40 KB
3	tenmax.io dmp.tenmax.io ssp.tenmax.io	1 KB
3	criteo.com bidder.criteo.com gum.criteo.com mug.criteo.com Failed	5 KB
3	googletagservices.com www.googletagservices.com	110 KB
3	google.de adservice.google.de	825 B
2	js7k.com cdn.js7k.com	35 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com	17 KB
1	cacafly.net tenmax-static.cacafly.net	37 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	alexametrics.com certify.alexametrics.com	551 B
1	cloudfront.net d31qbv1cthcecs.cloudfront.net	2 KB
1	cloudflare.com cdnjs.cloudflare.com	2 KB
169	21

	Domain	Requested by
20	ssp.hinet.net	m.xuite.net ad.sitemaji.com ssp.hinet.net xuite.net code.jquery.com
19	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com prod-m-node-3113.ssp.yahoo.com pagead2.googlesyndication.com m.xuite.net www.googletagservices.com
19	m.xuite.net	xuite.net m.xuite.net
15	securepubads.g.doubleclick.net	ssp.hinet.net securepubads.g.doubleclick.net xuite.net www.googletagservices.com
7	gocm.c.appier.net	3 redirects m.xuite.net ad2.apx.appier.net apn.c.appier.net
7	img.xuite.net	m.xuite.net img.xuite.net
7	code.jquery.com	m.xuite.net ssp.hinet.net
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	ad.sitemaji.com	m.xuite.net ad.sitemaji.com
5	xuite.net	1 redirects m.xuite.net
4	prod-m-node-3113.ssp.yahoo.com	web.ssp.yahoo.com prod-m-node-3113.ssp.yahoo.com
4	ad2.apx.appier.net	2 redirects m.xuite.net ssp.hinet.net
4	pmp-beacon.apx.appier.net	apn.c.appier.net ad2.apx.appier.net
3	static.criteo.net	ssp.hinet.net
3	www.google.com	tpc.googlesyndication.com
3	www.googletagservices.com	securepubads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	t.ssp.hinet.net	img.xuite.net t.ssp.hinet.net
3	adx.c.appier.net	m.xuite.net apn.c.appier.net
2	ssp.tenmax.io	tenmax-static.cacafly.net
2	bidder.criteo.com	static.criteo.net
2	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
2	cdn.js7k.com	prod-m-node-3113.ssp.yahoo.com
2	web.ssp.yahoo.com	securepubads.g.doubleclick.net
2	ssl.google-analytics.com	1 redirects m.xuite.net
2	my.xuite.net	img.xuite.net
2	apn.c.appier.net	1 redirects ssp.hinet.net
1	dmp.tenmax.io
1	tenmax-static.cacafly.net	xuite.net
1	csm.nl.eu.criteo.net	gum.criteo.com
1	gum.criteo.com	static.criteo.net
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	218c9fbc-ed6d-497b-8937-45d3c78cd224.t.ssp.hinet.net
1	stats.g.doubleclick.net	m.xuite.net
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	m.xuite.net
1	certify.alexametrics.com	m.xuite.net
1	d31qbv1cthcecs.cloudfront.net	m.xuite.net
1	photo.xuite.net	1 redirects
1	cdnjs.cloudflare.com	m.xuite.net
1	avatar.xuite.net	m.xuite.net
0	a91c4c47ce4a68ea3f4f6df3e7d0d18e.safeframe.googlesyndication.com Failed	securepubads.g.doubleclick.net
0	mug.criteo.com Failed
0	708f07f6bfc9157b369d72371bb4ddc5.safeframe.googlesyndication.com Failed	securepubads.g.doubleclick.net
0	9339489a3603bfdcd3aaaeaf4ad3bb92.safeframe.googlesyndication.com Failed	securepubads.g.doubleclick.net
169	45

This site contains links to these domains. Also see Links.

Domain
times.hinet.net
hichannel.hinet.net
vlog.xuite.net
xuite.net
www.xuite.net
blog.xuite.net
member.cht.com.tw
vip.xuite.net
qa.xuite.net
www.hinet.net

Subject Issuer	Validity	Valid
*.xuite.net	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.ssp.hinet.net	`2021-10-12` - `2022-10-12`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
feebee.com.tw R3	`2021-12-14` - `2022-03-14`	3 months	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-12` - `2022-11-10`	a year	crt.sh
*.c.appier.net R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
*.apx.appier.net R3	`2021-11-08` - `2022-02-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.t.ssp.hinet.net	`2020-05-06` - `2022-05-06`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-11-17` - `2022-02-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-12-20` - `2022-02-09`	2 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.nl.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-09` - `2022-02-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.tenmax.io Gandi Standard SSL CA 2	`2020-01-30` - `2022-02-05`	2 years	crt.sh

This page contains 25 frames:

Primary Page: https://m.xuite.net/home/oklaqq
Frame ID: 68296F36B38C0DA7FBFA0FE7466E0AC2
Requests: 58 HTTP requests in this frame

Frame: https://xuite.net/members/miniLogin.php?final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessionid%3D%26channelurl%3D%26others%3D%26checksum%3D80105b0a49da18059a29a04bcd3ff336&index=1
Frame ID: 73F1A2F58932A514CED168B81DFC5B9F
Requests: 1 HTTP requests in this frame

Frame: https://ssp.hinet.net/api/app.js
Frame ID: D970FD80FFC9076784BC817EC258B603
Requests: 4 HTTP requests in this frame

Frame: https://ssp.hinet.net/api/web/request/?c=2017005&s=201702000053&t=1641414299109&u=0634d984-605e-7a31-14c7-e76628c658be&o=b8HIr&show=static&ca=&k=&cab=&kb=&mode=roll
Frame ID: D28A88F23BF2894D83E122ED5F3C05B1
Requests: 30 HTTP requests in this frame

Frame: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=681&acid=QxWwHiG1AeqgGlzBnf7VYQ&id=idlxdoj736ds7v1y6
Frame ID: CC25079D36F29B6924E7A87F3EA4FEB5
Requests: 3 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 99ED46CE9CECB27965F71503F80F57D1
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: A5E88ACB16A6A260BEE53B518ADC4994
Requests: 3 HTTP requests in this frame

Frame: https://code.jquery.com/jquery-1.9.1.min.js
Frame ID: 874CBF273BD0835680302A105E326F51
Requests: 10 HTTP requests in this frame

Frame: https://code.jquery.com/jquery-1.9.1.min.js
Frame ID: 236D81E2226DC7F27DBF1623B59C854C
Requests: 10 HTTP requests in this frame

Frame: https://9339489a3603bfdcd3aaaeaf4ad3bb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 1414E7A38917A26DFA4AD43E74AE0DF5
Requests: 1 HTTP requests in this frame

Frame: https://708f07f6bfc9157b369d72371bb4ddc5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 303FEF3F1B2BA1583F88EB78DD0098FE
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyDWnQFkh66btvTgu4ULXXWM92YH8GRIKV6Ngmk3K00nM3UR8W8qfMC77fp_dxLe0V30YyBWAAMdrsNi_TvnygKi3RcosjszSjTw3LLg3HB1t10YNWnpiIz03GvUnTzEqwki-KWcUymSWs5GCdjhgothogv8zwUu5pi-N-LXPmXATYA298zAavBZB3HFsGgLxTe4MQKVdV5Q2jpnfygL9XNcZUfS-G8NTA-SL51Tau29gwDwg31VjIuWd8Eg3pCUXeIh2c1c_gGw1tN_Y-QGXBdt7pVGAHII6MmaAetdH6Yj-T921MdME&sai=AMfl-YRCF_AbyYO_lZ3OBg2kOeUae_S7ev_KOcP4vQYfqr10dc-rQSDXP8dUr43FDnRCX9ST8fDWcE0-HY9yriGVFxSdKeT5bu2qwqLA3wNRKg-2N6zuccmbLojFDBKkrxQ&sig=Cg0ArKJSzJYuVRAp6tnmEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A1E7A95F6BF093ECAAD485FD1D31B9D5
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvL9VNfR482meoIvgs7u_hEmzKCSNNWjROVhF68wEjHcAhmGTnG2FogK5q-FEE1z8VKXG_JiI3WP39-Zbz1-Fui0bYIXVLPvBFsCAu9tJeVFJM9ngjYSCBaSChPs20ReyZ6R5gCSUdbNIDmNK0sgUrPR2qZIdAJw0LNZST6wLpUIjx32Yg7TE2abClGnfMUDDKhCU5Cwg7epk25ffPhulw7qAzVOEeCAf0ePq3Z98AmlLto9FDQL_7cX_VHZz3N6DvQS7xfm8lEwCta1vb-p5NCngyzG2O2MqPnFS3-j920abtT7tkyobs&sai=AMfl-YSsVi_eop34GL-dfGNJGkyR7tkxHfWAeb8s7jk8zvpH8aN8XMJlngmJwMs1iEARwap_Z_d6kpQLR2xWJMooa_bMi2f5X7pbSEylx6csLrwJP34DGm-KeGP3BFYqM2Q&sig=Cg0ArKJSzLTz6-1JoJkvEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5ED977D0994F2C01862E60F7852DDE02
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7EA9908E9EF3191ABC5FDF41EFF1CA43
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2959E25981ED0EC9E183FE2F64895445
Requests: 2 HTTP requests in this frame

Frame: https://ssp.hinet.net/api/web/request?c=2017005&s=201702000058&u=0634d984-605e-7a31-14c7-e76628c658be&ad=216d457d-bdab-9822-564d-709a249c8aaa&t=1641414306467&oi=STX7h&site=https%3A%2F%2Fm.xuite.net%2Fhome%2Foklaqq&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017005%26s%3D201702000058%26u%3D0634d984-605e-7a31-14c7-e76628c658be%26ad%3D216d457d-bdab-9822-564d-709a249c8aaa%26t%3D1641414306467%26oi%3DSTX7h%26site%3Dhttps%253A%252F%252Fm.xuite.net%252Fhome%252Foklaqq&o=undefined
Frame ID: 3FDB4AB03FD0966C4DE27E0EBBE30B3A
Requests: 2 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: E8D21FDD08918C2EAAFB7113C409869A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: FA6353B3210278EBBB5C136CF8A1B82B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E0730C99C17A7634D33692C1A5ACA45
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 37EC0784AD2F19590B8F49049AECEF2B
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=m.xuite.net
Frame ID: A23D2CE62162686E0B4F4AFD1E3F8F8D
Requests: 4 HTTP requests in this frame

Frame: https://a91c4c47ce4a68ea3f4f6df3e7d0d18e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 6DC19EFD4CDED15E5B636BD56F4DBA5F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZpOc7p3RWJEKhw6hn5XUDG7XejI20dzsfimUSIdLouUX5QahJytEzQKjWjHCetpPSfNCdGN0LEq-b5nTEVLeod_8t3mpl-Q1Yq932770UCJFQn2xKFq8a_u21RzuZTCT5he_X_f5ZiO31XZ_YeDYxUZvjtekYJ4U36vjXxF3RQeqtAW0VVBp0LZ6tIDcAgi5s_UAjSj5zuWEa1ougdyRghnR1tPlQ3I-glsBWHfgCY52x6EPGpAK5CYq3mEAmu9VXXDu-tCP13fNUu9SFIx5k-mfVgjKZFQck0TY7Bof7_hTHabmXKLDkLiNMCY_kxETq&sig=Cg0ArKJSzNSOBpAOfT6kEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9F7A0D05CF570FCEFEDEEE6B8A338D80
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 79BFF320B49A44E6294F39F6F817ABEA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 98F0A15B9D8F335F496930161C9AE7DD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

隨意窩 Xuite

Page URL History Show full URLs

https://xuite.net/oklaqq Page URL
https://m.xuite.net/home/oklaqq Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

169
Requests

95 %
HTTPS

59 %
IPv6

21
Domains

45
Subdomains

34
IPs

8
Countries

2382 kB
Transfer

6114 kB
Size

22
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://times.hinet.net/spList/103/0
Title: 舒緩頭痛

Search URL Search Domain Scan URL

URL: https://hichannel.hinet.net/radio/index.do
Title: 線上聽廣播

Search URL Search Domain Scan URL

URL: https://vlog.xuite.net/live/ftvtv
Title: 新聞直播

Search URL Search Domain Scan URL

URL: https://xuite.net/service/reboot/album_01.php?tid=141
Title: 咖哩

Search URL Search Domain Scan URL

URL: https://xuite.net/service/reboot/album_01.php?tid=146
Title: 火鍋大特搜

Search URL Search Domain Scan URL

URL: https://xuite.net/

Search URL Search Domain Scan URL

URL: https://xuite.net/

Search URL Search Domain Scan URL

URL: https://www.xuite.net/service/report/report.html
Title: 檢舉

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/xuite.net/xuite
Title: 站長日誌

Search URL Search Domain Scan URL

URL: https://member.cht.com.tw/CHTRegi/mobile_register.jsp?siteid=50032&finish_channelurl=https://xuite.net/?newbie=1
Title: 免費註冊

Search URL Search Domain Scan URL

URL: https://vip.xuite.net/
Title: 升級VIP

Search URL Search Domain Scan URL

URL: https://qa.xuite.net/
Title: 反應問題

Search URL Search Domain Scan URL

URL: http://www.hinet.net/copyright.html
Title: 著作權保護

Search URL Search Domain Scan URL

URL: https://member.cht.com.tw/html/MemberCenter2/agreement_membercenter.html
Title: 會員條款

Search URL Search Domain Scan URL

URL: http://www.hinet.net/kid.html
Title: 兒童網路安全

Search URL Search Domain Scan URL

URL: http://www.hinet.net/classify2.html
Title: 網站及平臺內容管理措施

Search URL Search Domain Scan URL

URL: https://www.hinet.net/
Title: HiNet 首頁

Search URL Search Domain Scan URL

URL: https://times.hinet.net/
Title: HiNet 生活誌

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xuite.net/oklaqq Page URL
https://m.xuite.net/home/oklaqq Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://photo.xuite.net/@login?furl=/@ack HTTP 302
https://xuite.net/index.php?notify=1&final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessionid%3D%26channelurl%3D%26others%3D%26checksum%3D80105b0a49da18059a29a04bcd3ff336 HTTP 302
https://xuite.net/members/miniLogin.php?final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessionid%3D%26channelurl%3D%26others%3D%26checksum%3D80105b0a49da18059a29a04bcd3ff336&index=1

Request Chain 43

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUAi9M-f HTTP 307
https://gocm.c.appier.net/apnnet?hzid=HUAi9M-f&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fzone.js HTTP 302
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=QxWwHiG1AeqgGlzBnf7VYQ&hzid=HUAi9M-f

Request Chain 47

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=681&id=idlxdoj736ds7v1y6&upstream_hzid=HUAi9M-f HTTP 307
https://gocm.c.appier.net/aanet?id=idlxdoj736ds7v1y6&upstream_hzid=HUAi9M-f&url=ad2.apx.appier.net&zoneid=681 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=681&acid=QxWwHiG1AeqgGlzBnf7VYQ&id=idlxdoj736ds7v1y6

Request Chain 53

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1192722438&utmhn=m.xuite.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E9%9A%A8%E6%84%8F%E7%AA%A9%20Xuite&utmhid=1164927742&utmr=https%3A%2F%2Fxuite.net%2F&utmp=%2Fhome%2Foklaqq&utmht=1641414303101&utmac=UA-6679755-11&utmcc=__utma%3D165570275.471147196.1641414303.1641414303.1641414303.1%3B%2B__utmz%3D165570275.1641414303.1.1.utmcsr%3Dxuite.net%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&utmjid=33389741&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6679755-11&cid=471147196.1641414303&jid=33389741&_v=5.7.2&z=1192722438

Request Chain 66

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=681&id=idlxdoj736ds7v1y6&upstream_hzid=HUAi9M-f HTTP 307
https://gocm.c.appier.net/aanet?id=idlxdoj736ds7v1y6&upstream_hzid=HUAi9M-f&url=ad2.apx.appier.net&zoneid=681 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=681&acid=QxWwHiG1AeqgGlzBnf7VYQ&id=idlxdoj736ds7v1y6

Request Chain 138

https://gum.criteo.com/sid/json?origin=publishertag&domain=ssp.hinet.net&sn=ChromeSyncframe&so=0&topUrl=m.xuite.net&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=vMSCmXxBUmFOdnV4Y0hQMlJWZWRMck9jcjI0aFJHdG1SYWh4ZElNQTloYjMrclNYdHVacmNMLzEybXZicmpWeFdGTHY4OGpjamJTU011MHdiTFIyNVZpenQzTGNSRE0zTFJGSTV0bUdqcStoK0FWRlBEUDR2WDJIdTYrV0tlNEZ1Y1RkUE4zOElONFRaVDA1Rk4zeHBYMHdFNU9jVmVFL3R2R1lWbjR3bWFnMjZWTFJHRjZWbENmKzJyU3NRam1QN0FmdE5mSHo3L2hJVGN0Sm1ZUUVWZzNZdDJWSTYzNjRFME1leUxyQjdYNU15UGlteEg2Mm5xR1RxNjkyb3puaUpCcEdidVNMdkxHS2QvVjBzRXUzazVuVWNhdz09fA&cppv=2

169 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK oklaqq
xuite.net/ 169 B
497 B 858ms
293ms Document
text/html 2001:b000:1c9:7600:0:a:d23d:3831
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://xuite.net/oklaqq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3831 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 05 Jan 2022 20:24:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Allow: GET, POST
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Host: www-01
Server: Apache
Content-Encoding: gzip

GET
H/1.1 200
OK Primary Request oklaqq Show response
m.xuite.net/home/ 14 KB
7 KB 1597ms
681ms Document
text/html 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/home/oklaqq

Requested by

Host: xuite.net
URL: https://xuite.net/oklaqq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

eb3deb87ad964663392f43913d654f4d969874518552cc7f937ea342c1a5231b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xuite.net/

Response headers

Date: Wed, 05 Jan 2022 20:24:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Allow: GET, POST
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Host: m-01
Server: Apache
Content-Encoding: gzip

GET
H2 200 jquery.mobile-1.4.5.min.css
code.jquery.com/mobile/1.4.5/ 203 KB
24 KB 28ms
10ms Stylesheet
text/css 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/mobile/1.4.5/jquery.mobile-1.4.5.min.css
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:24:55 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-32a69"
vary: Accept-Encoding
x-hw: 1641414295.dop142.fr8.t,1641414295.cds202.fr8.hn,1641414295.cds052.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24849

GET
H/1.1 200
OK custom.css
img.xuite.net/_v_2.2021.02.24/_css/my/ 508 B
706 B 1120ms
283ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.xuite.net/_v_2.2021.02.24/_css/my/custom.css
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd /
Resource Hash: 917e19af2f131aac8cc5eb1b1229ee7ba17ee2f8180e5a478c6cdb68bae57f89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Sep 2021 08:30:05 GMT
Server: Lighttpd
Host: img-02
ETag: W/"613b178d-1fc"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Thu, 05 Jan 2023 20:24:56 GMT

GET
H/1.1 200
OK fontawesome-all.min.css
m.xuite.net/css/V2/ 34 KB
9 KB 340ms
339ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/fontawesome-all.min.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

ed0f122470c4d13d86bbabdc38046d743d0228204a56d786d2e17bd83fd358ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/home/oklaqq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:55 GMT
Content-Encoding: gzip
Allow: GET, POST
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-01
ETag: W/"613edceb-87ae"
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/css
Expires: Fri, 04 Feb 2022 20:24:55 GMT

GET
H/1.1 200
OK bootstrap-front.css
m.xuite.net/css/V2/ 150 KB
33 KB 569ms
568ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/bootstrap-front.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

7182e8b6a6ce560ce174702b501b77a020a7549d779ebf07d522d32a1d91da06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/home/oklaqq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:55 GMT
Content-Encoding: gzip
Allow: GET, POST
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-03
ETag: W/"613edceb-257d2"
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/css
Expires: Fri, 04 Feb 2022 20:24:55 GMT

GET
H/1.1 200
OK sal.css
m.xuite.net/css/V2/ 7 KB
2 KB 675ms
334ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/sal.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

faff7b2972ce0d9c1419bbd15f63968f626db9596767b3a600e08790394d860e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/home/oklaqq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:55 GMT
Content-Encoding: gzip
Allow: GET, POST
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-01
ETag: W/"613edceb-1d78"
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/css
Expires: Fri, 04 Feb 2022 20:24:55 GMT

GET
H/1.1 200
OK swiper.min.css
m.xuite.net/css/V2/ 13 KB
5 KB 846ms
282ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/swiper.min.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

607b6373b529d07da80e5c0bbce46ea42f08f93c3c0d5c26aa231cff4a2d80a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/home/oklaqq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:56 GMT
Content-Encoding: gzip
Allow: GET, POST
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-03
ETag: W/"613edceb-3563"
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/css
Expires: Fri, 04 Feb 2022 20:24:56 GMT

GET
H/1.1 200
OK screen.css
m.xuite.net/css/V2/ 47 KB
9 KB 846ms
282ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/screen.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

4b92b6a210a1c4ca08d3703f2956e8bdd64531d11e4d4fdc2408f709d46224d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/home/oklaqq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:56 GMT
Content-Encoding: gzip
Allow: GET, POST
Last-Modified: Mon, 13 Dec 2021 02:21:47 GMT
Server: Apache
Host: m-04
ETag: W/"61b6ae3b-bd16"
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/css
Expires: Fri, 04 Feb 2022 20:24:56 GMT

GET
H/1.1 200
OK jquery.min.js Show response
m.xuite.net/js/V2/ 85 KB
35 KB 1130ms
565ms Script
application/x-javascript 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/js/V2/jquery.min.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/home/oklaqq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:56 GMT
Content-Encoding: gzip
Allow: GET, POST
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-02
ETag: W/"613edceb-15283"
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Fri, 04 Feb 2022 20:24:56 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
m.xuite.net/js/V2/ 39 KB
13 KB 1130ms
561ms Script
application/x-javascript 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/js/V2/bootstrap.min.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://m.xuite.net/home/oklaqq
Origin: https://m.xuite.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:56 GMT
Content-Encoding: gzip
Allow: GET, POST
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-04
ETag: W/"613edceb-9b00"
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Fri, 04 Feb 2022 20:24:56 GMT

GET
H/1.1 200
OK swiper.min.js Show response
m.xuite.net/js/V2/ 136 KB
43 KB 1293ms
618ms Script
application/x-javascript 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/js/V2/swiper.min.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

770008a560398e6ab513700705e2431fce9e999b8e10c299ad9c4dafd0c9010b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/home/oklaqq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:56 GMT
Content-Encoding: gzip
Allow: GET, POST
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-01
ETag: W/"613edceb-21fb7"
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Fri, 04 Feb 2022 20:24:56 GMT

GET
H/1.1 200
OK search.png
xuite.net/include/reboot/images/ 2 KB
3 KB 283ms
282ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3831
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xuite.net/include/reboot/images/search.png
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:3831 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Apache /
Resource Hash: 04c45b5d784c894b92dd81dfb767f63fac32ed052b67e0ae775990d84f5be793

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:57 GMT
Last-Modified: Tue, 24 Mar 2020 04:30:01 GMT
Server: Apache
Host: www-01
ETag: "5e798cc9-970"
Allow: GET, POST
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=3456000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2416
Expires: Mon, 14 Feb 2022 20:24:57 GMT

GET
H/1.1 200
OK search.png
m.xuite.net/img/V2/ 2 KB
3 KB 553ms
281ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.xuite.net/img/V2/search.png

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

04c45b5d784c894b92dd81dfb767f63fac32ed052b67e0ae775990d84f5be793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/home/oklaqq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:57 GMT
Allow: GET, POST
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-02
ETag: "613edceb-970"
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2416
Expires: Fri, 04 Feb 2022 20:24:57 GMT

GET
H/1.1 200
OK logo-2.png
m.xuite.net/img/V2/ 4 KB
4 KB 280ms
280ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.xuite.net/img/V2/logo-2.png

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

ea541769687eaa4727495d75c9d4757958b91519c10389d1e2bf4a7e42bae49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/home/oklaqq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:57 GMT
Allow: GET, POST
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-04
ETag: "613edceb-f85"
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 3973
Expires: Fri, 04 Feb 2022 20:24:57 GMT

GET
H/1.1 200
OK icon-user.png
m.xuite.net/css/V2/img/ 1 KB
2 KB 281ms
281ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.xuite.net/css/V2/img/icon-user.png

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

527d7ed0846e6a9e665e4695cb93e64da6c85e587c8dc9fbbc935d365da989e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/home/oklaqq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:57 GMT
Allow: GET, POST
Last-Modified: Mon, 22 Nov 2021 07:23:02 GMT
Server: Apache
Host: m-03
ETag: "619b4556-53a"
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1338
Expires: Fri, 04 Feb 2022 20:24:57 GMT

GET
H/1.1 200
OK 237618322
avatar.xuite.net/ 4 KB
4 KB 1142ms
293ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatar.xuite.net/237618322
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd / PHP/5.4.16
Resource Hash: aeebd24dcd34631f0d9f7e421a4410bb48ad5bb1fc4e407075e86ee3bc6b6473

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:58 GMT
Last-Modified: Wed, 30 Apr 2014 14:33:52 +0000
Server: Lighttpd
Host: img-04
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Thu, 05 Jan 2023 20:24:58 GMT

GET
H/1.1 200
OK xui.js Show response
img.xuite.net/xui/ 331 KB
331 KB 566ms
565ms Script
application/javascript 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.xuite.net/xui/xui.js
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd /
Resource Hash: cffa52d10d8eb937b1051b55f8b44b1febf5a7c0fcd9d6c453c16cee6eedb772

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:57 GMT
Last-Modified: Tue, 11 Feb 2020 08:53:32 GMT
Server: Lighttpd
Host: img-02
ETag: "5e426b8c-52b78"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 338808
Expires: Thu, 05 Jan 2023 20:24:57 GMT

GET
H/1.1 200
OK cycle Show response
img.xuite.net/xui/combo/p/ 355 KB
125 KB 570ms
570ms Script
text/javascript 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.xuite.net/xui/combo/p/cycle
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd / PHP/5.4.16
Resource Hash: d561a9993af830d7e3f6c221966fa1a0976aba05ed1480491cbfda5d9ac272db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Dec 2021 07:50:19 GMT
Server: Lighttpd
Host: img-01
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: keep-alive
Expires: Wed, 05 Jan 2022 21:24:57 GMT

GET
H/1.1 200
OK cookie,cycle Show response
img.xuite.net/xui/combo/w/angel,bottomfooter,adarray,announce/p/ 377 KB
130 KB 1139ms
571ms Script
text/javascript 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.xuite.net/xui/combo/w/angel,bottomfooter,adarray,announce/p/cookie,cycle
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd / PHP/5.4.16
Resource Hash: 4173c250a4737463fe825cc469be9e92d31c53c5bd173bfa9eaca367d5b07ba2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 01:23:05 GMT
Server: Lighttpd
Host: img-02
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: keep-alive
Expires: Wed, 05 Jan 2022 21:24:58 GMT

GET
H/1.1 200
OK headerkeyword.js Show response
img.xuite.net/xui/ 901 B
1 KB 858ms
286ms Script
application/javascript 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.xuite.net/xui/headerkeyword.js
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd /
Resource Hash: 57145aadb133b9498c8f067617cd96b398e3312a3b6d9e195dfada28bba07292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:57 GMT
Last-Modified: Tue, 07 Sep 2021 04:51:09 GMT
Server: Lighttpd
Host: img-02
ETag: "6136efbd-385"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 901
Expires: Thu, 05 Jan 2023 20:24:57 GMT

GET
H/1.1 200
OK script.js Show response
img.xuite.net/_v_2.2021.02.24/_js/reboot/ 3 KB
4 KB 876ms
290ms Script
application/javascript 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.xuite.net/_v_2.2021.02.24/_js/reboot/script.js
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd /
Resource Hash: b3876ea3280559a56204fa578c794cb8fc4967dc74c026c0ebeb8c2ee88276f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:58 GMT
Last-Modified: Thu, 09 Sep 2021 03:18:53 GMT
Server: Lighttpd
Host: img-03
ETag: "61397d1d-ce3"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3299
Expires: Thu, 05 Jan 2023 20:24:58 GMT

GET
H2 200 svg4everybody.min.js Show response
cdnjs.cloudflare.com/ajax/libs/svg4everybody/2.1.9/ 2 KB
2 KB 89ms
50ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/svg4everybody/2.1.9/svg4everybody.min.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9137b33ceb0e8b966c5942abeff0ff11670e36afe176b73480fc24e7f214632d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://m.xuite.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:24:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3803720
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 822
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff3-768"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHStqO%2FuKd7ipBYmCdmZxuSYCK7Cw8QqEWEQRyanOax8g4WVCgzjTcy9%2Fz%2F6mRQJVSz6aSj9urosRaHqSSleilXQ8ei0IxFMRU%2BBDsKlMs4J4ctRJI44rCkVvdJtz9kkSgGdIJp3owbcF34tB2WvfIv4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c8f6edeaa66e8f3-MXP
expires: Mon, 26 Dec 2022 20:24:57 GMT

GET
H/1.1 200
OK sal.js Show response
m.xuite.net/js/V2/ 3 KB
2 KB 341ms
339ms Script
application/x-javascript 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/js/V2/sal.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

71588afe887b74f7d43d82b092b6d41bc8cd196d86e77e7b1acf79c7d4724b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/home/oklaqq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:57 GMT
Content-Encoding: gzip
Allow: GET, POST
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-01
ETag: W/"613edceb-d53"
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Fri, 04 Feb 2022 20:24:57 GMT

GET
H/1.1 200
OK fgm.js Show response
m.xuite.net/js/V2/ 7 KB
4 KB 283ms
281ms Script
application/x-javascript 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/js/V2/fgm.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

bf28bf1749d5f6ac054b55c31c4f1e89bd3105c8b235cf4a4773100e8beda2cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/home/oklaqq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:57 GMT
Content-Encoding: gzip
Allow: GET, POST
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-02
ETag: W/"613edceb-1a3d"
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Fri, 04 Feb 2022 20:24:57 GMT

GET
H/1.1 200
OK ga.js Show response
m.xuite.net/js/V2/ 45 KB
20 KB 563ms
561ms Script
application/x-javascript 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/js/V2/ga.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/home/oklaqq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:57 GMT
Content-Encoding: gzip
Allow: GET, POST
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-04
ETag: W/"613edceb-b4c2"
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Fri, 04 Feb 2022 20:24:57 GMT

GET
H2 200 app.js Show response
ssp.hinet.net/api/ 28 KB
8 KB 2158ms
758ms Script
application/javascript 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/app.js
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 8d47911578eba021abc2c449e64f90caaee7b9c002e4067e8f02ba7a4b199031

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:24:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1

200
OK

miniLogin.php
xuite.net/members/ Frame 73F1
Redirect Chain

https://photo.xuite.net/@login?furl=/@ack
https://xuite.net/index.php?notify=1&final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessi...
https://xuite.net/members/miniLogin.php?final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26se...

0
0

283ms
283ms

Document
text/html

2001:b000:1c9:7600:0:a:d23d:3831
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://xuite.net/members/miniLogin.php?final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessionid%3D%26channelurl%3D%26others%3D%26checksum%3D80105b0a49da18059a29a04bcd3ff336&index=1

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3831 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/

Response headers

Date: Wed, 05 Jan 2022 20:24:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Allow: GET, POST
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Host: www-01
Server: Apache
Content-Encoding: gzip

Redirect headers

Date: Wed, 05 Jan 2022 20:24:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Location: https://xuite.net/members/miniLogin.php?final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessionid%3D%26channelurl%3D%26others%3D%26checksum%3D80105b0a49da18059a29a04bcd3ff336&index=1
Allow: GET, POST
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Host: www-01
Server: Apache

GET
H/1.1 200
OK screen.css
m.xuite.net/css/V2/ 47 KB
47 KB 287ms
287ms Image
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.xuite.net/css/V2/screen.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/css/V2/screen.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/css/V2/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:57 GMT
Content-Encoding: gzip
Allow: GET, POST
Last-Modified: Mon, 13 Dec 2021 02:21:01 GMT
Server: Apache
Host: m-03
ETag: W/"61b6ae0d-bd16"
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/css
Expires: Fri, 04 Feb 2022 20:24:57 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 35ms
7ms Script
application/javascript 13.224.193.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-3.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 21867451
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: QkwiNBfJLHXXckvzczBHxlaylh-6JEXWl81Qeoj5AG5qtZDwoBgGcw==

GET
H/1.1 200
OK mywall-banner-bg.png
m.xuite.net/css/V2/img/ 18 KB
18 KB 820ms
559ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.xuite.net/css/V2/img/mywall-banner-bg.png

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/css/V2/screen.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

323275e6967715d085f8cc847d54f2632693b8e85ad4782b3a845af182fdb448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/css/V2/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:57 GMT
Allow: GET, POST
Last-Modified: Mon, 22 Nov 2021 07:23:02 GMT
Server: Apache
Host: m-04
ETag: "619b4556-461e"
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 17950
Expires: Fri, 04 Feb 2022 20:24:57 GMT

GET
H/1.1 200
OK icons-s61afdb56a9.png
m.xuite.net/img/ 31 KB
32 KB 823ms
561ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.xuite.net/img/icons-s61afdb56a9.png

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/css/V2/screen.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

4097c4bdb4510938b64c56b104c3ad7671a70df53562a33ee0bd90e01e6d4bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/css/V2/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:24:57 GMT
Allow: GET, POST
Last-Modified: Wed, 08 Dec 2021 07:55:21 GMT
Server: Apache
Host: m-03
ETag: "61b064e9-7dd3"
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 32211
Expires: Fri, 04 Feb 2022 20:24:57 GMT

GET
H2 200 ysm_xuite.js Show response
ad.sitemaji.com/ 41 KB
13 KB 37ms
8ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_xuite.js?u=%2F%2Fp8u.hinet.net%2Fjs.ng%2Faffiliate%3Dxuiteblog%26site%3Dhinet%26spacedesc%3Dblogtabunit%26keyword%3Ddefault
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: ea90c0fd1b81888f4172394db78c8f26cd89955dc3aa4349027e04523781deea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 15:00:30 GMT
content-encoding: br
last-modified: Mon, 04 Oct 2021 09:42:04 GMT
server: nginx/1.12.1 (Ubuntu)
age: 19467
etag: W/"615acc6c-a249"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: max-age=86400,public
alt-svc: clear
content-length: 13060
expires: Thu, 06 Jan 2022 15:00:30 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 54ms
8ms Image
image/gif 13.224.193.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%E9%9A%A8%E6%84%8F%E7%AA%A9%20Xuite&time=1641414297465&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Fxuite.net%2F&host_url=https%3A%2F%2Fm.xuite.net%2Fhome%2Foklaqq&random_number=7586443017&sess_cookie=4a1671a917e2bea8778b4e8aac0&sess_cookie_flag=1&user_cookie=4a1671a917e2bea8778b4e8aac0&user_cookie_flag=1&dynamic=true&domain=xuite.net&account=Q+7Ii1a8Dy00qI&jsv=20130128&user_lang=en-US
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-92.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 01:58:21 GMT
Via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 66397
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA2-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: 7D1-81XYqJGRwQwoo_Fv8OLGoVDijnBkUj3iNmDG4mNZI6Hj3e1Tcw==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 470ms
111ms Image
text/plain 3.131.125.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.131.125.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-131-125-24.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:24:57 GMT
server: Server

GET
H2 200 sitemaji_tab_hinet.css
ad.sitemaji.com/ 3 KB
672 B 7ms
7ms Stylesheet
text/css 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/sitemaji_tab_hinet.css
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_xuite.js?u=%2F%2Fp8u.hinet.net%2Fjs.ng%2Faffiliate%3Dxuiteblog%26site%3Dhinet%26spacedesc%3Dblogtabunit%26keyword%3Ddefault
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 723ef3cb4cb1680d448ebd4351b1fc349ff084ce1f4d8623ffdaec81b223d659

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 17:52:34 GMT
content-encoding: br
last-modified: Thu, 20 Jun 2019 08:55:05 GMT
server: nginx/1.12.1 (Ubuntu)
age: 9143
etag: W/"5d0b49e9-ab6"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
via: 1.1 google
cache-control: max-age=86400,public
alt-svc: clear
content-length: 540
expires: Thu, 06 Jan 2022 17:52:34 GMT

GET
H2 200 app.js Show response
ssp.hinet.net/api/ Frame D970 28 KB
8 KB 1485ms
368ms Script
application/javascript 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/app.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_xuite.js?u=%2F%2Fp8u.hinet.net%2Fjs.ng%2Faffiliate%3Dxuiteblog%26site%3Dhinet%26spacedesc%3Dblogtabunit%26keyword%3Ddefault
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 5a3676f9a1132552c7c781186fa8e9d1691c038ae581b7b850e8b1c59dd8cc9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:24:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 close.png
ad.sitemaji.com/static/ 336 B
448 B 9ms
8ms Image
image/png 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sitemaji.com/static/close.png
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/sitemaji_tab_hinet.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 7009ca6cdfe65e116dd86c97db4d3b3298cd50442cac6a59889300221d4dedd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.sitemaji.com/sitemaji_tab_hinet.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 17:34:28 GMT
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:55:05 GMT
server: nginx/1.12.1 (Ubuntu)
age: 10229
etag: "5d0b49e9-150"
content-type: image/png
cache-control: max-age=86400,public
accept-ranges: bytes
alt-svc: clear
content-length: 336
expires: Thu, 06 Jan 2022 17:34:28 GMT

GET
H2 200 expand_left.png
ad.sitemaji.com/static/ 362 B
461 B 10ms
9ms Image
image/png 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sitemaji.com/static/expand_left.png
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/sitemaji_tab_hinet.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: d41229f369557405de5b218daad429dd8216b8cfde394c3cd088c5002c998de7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.sitemaji.com/sitemaji_tab_hinet.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 15:39:20 GMT
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:55:05 GMT
server: nginx/1.12.1 (Ubuntu)
age: 17137
etag: "5d0b49e9-16a"
content-type: image/png
cache-control: max-age=86400,public
accept-ranges: bytes
alt-svc: clear
content-length: 362
expires: Thu, 06 Jan 2022 15:39:20 GMT

GET
H2 200 ajax-loader.gif
ad.sitemaji.com/static/ 696 B
804 B 9ms
8ms Image
image/gif 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sitemaji.com/static/ajax-loader.gif
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/sitemaji_tab_hinet.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: bc58f7e7a0ed86c18a0574ae23296518dd60cd08ed97265361b1be2faa8fbe91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.sitemaji.com/sitemaji_tab_hinet.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 10:44:05 GMT
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:55:05 GMT
server: nginx/1.12.1 (Ubuntu)
age: 34852
etag: "5d0b49e9-2b8"
content-type: image/gif
cache-control: max-age=86400,public
accept-ranges: bytes
alt-svc: clear
content-length: 696
expires: Thu, 06 Jan 2022 10:44:05 GMT

GET
H2 200 mini.png
ad.sitemaji.com/static/ 226 B
324 B 10ms
9ms Image
image/png 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sitemaji.com/static/mini.png
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/sitemaji_tab_hinet.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 717de370036c8ff23c0e7c3bf7f7b4b9fd06b760b9f5cc257325fc0ecdfed345

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.sitemaji.com/sitemaji_tab_hinet.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:54:50 GMT
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:55:05 GMT
server: nginx/1.12.1 (Ubuntu)
age: 12607
etag: "5d0b49e9-e2"
content-type: image/png
cache-control: max-age=86400,public
accept-ranges: bytes
alt-svc: clear
content-length: 226
expires: Thu, 06 Jan 2022 16:54:50 GMT

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ Frame D970 543 B
714 B 1166ms
393ms XHR
application/json 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017005&s=201702000053&u=216d457d-bdab-9822-564d-709a249c8aaa&ad=216d457d-bdab-9822-564d-709a249c8aaa&t=1641414299109&oi=zTkdg&site=https%3A%2F%2Fm.xuite.net%2Fhome%2Foklaqq&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017005%26s%3D201702000053%26u%3D216d457d-bdab-9822-564d-709a249c8aaa%26ad%3D216d457d-bdab-9822-564d-709a249c8aaa%26t%3D1641414299109%26oi%3DzTkdg%26site%3Dhttps%253A%252F%252Fm.xuite.net%252Fhome%252Foklaqq
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 444aa59524491c2d8c4e9fdb88c1aa6d74304f578ccb2c2f0730f1f1db03366c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://m.xuite.net
date: Wed, 05 Jan 2022 20:25:00 GMT
access-control-allow-credentials: true
server: nginx
content-length: 543
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 request Show response
ssp.hinet.net/api/web/ Frame D970 3 KB
1 KB 392ms
392ms XHR
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request?c=2017005&s=201702000053&u=216d457d-bdab-9822-564d-709a249c8aaa&ad=216d457d-bdab-9822-564d-709a249c8aaa&t=1641414299109&oi=6Pvbb&site=https%3A%2F%2Fm.xuite.net%2Fhome%2Foklaqq&o=b8HIr
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 53633ef9e6c0b9662e0d24ddb187c7ab90f9b97947cfd57f910c344f0dbaf4b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame D28A 90 KB
32 KB 314ms
23ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer: https://m.xuite.net/
Origin: https://m.xuite.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:00 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-169d5"
vary: Accept-Encoding
x-hw: 1641414300.dop031.ml1.t,1641414300.cds223.ml1.hn,1641414300.cds013.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H2

200

zone.js Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame D28A
Redirect Chain

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUAi9M-f
https://gocm.c.appier.net/apnnet?hzid=HUAi9M-f&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fzone.js
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=QxWwHiG1AeqgGlzBnf7VYQ&hzid=HUAi9M-f

3 KB
1 KB

273ms
264ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=QxWwHiG1AeqgGlzBnf7VYQ&hzid=HUAi9M-f
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: H2
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: ce173ea9161ac00ef25c1188064eb5f20bd0ac661f4ae396c3b55e1190503fde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:02 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

Redirect headers

location: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=QxWwHiG1AeqgGlzBnf7VYQ&hzid=HUAi9M-f
date: Wed, 05 Jan 2022 20:25:01 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 120
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 third
ssp.hinet.net/api/web/ Frame D970 0
222 B 382ms
382ms Image
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/api/web/third?c=2017005&s=201702000053&th=77&wc=1048
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true

GET
H2 200 zone.bid Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame D28A 269 B
381 B 279ms
263ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.bid?acid=QxWwHiG1AeqgGlzBnf7VYQ&hzid=HUAi9M-f
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUAi9M-f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 5a4da43853b7efaf293b8eeb73d7ff62d83e38e7fc79e72e06fd8cf173622367

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:02 GMT
content-encoding: gzip
server: nginx/1.19.0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame D28A 12 B
195 B 290ms
263ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pmp-beacon.apx.appier.net/v1/fpc?type=apn&event=pageview
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUAi9M-f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer: https://m.xuite.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Jan 2022 20:25:02 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: https://m.xuite.net
access-control-expose-headers
access-control-allow-credentials: true
alt-svc: clear
content-length: 12

GET
H2

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame CC25
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=681&id=idlxdoj736ds7v1y6&upstream_hzid=HUAi9M-f
https://gocm.c.appier.net/aanet?id=idlxdoj736ds7v1y6&upstream_hzid=HUAi9M-f&url=ad2.apx.appier.net&zoneid=681
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=681&acid=QxWwHiG1AeqgGlzBnf7VYQ&id=idlxdoj736ds7v1y6

3 KB
1 KB

262ms
262ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=681&acid=QxWwHiG1AeqgGlzBnf7VYQ&id=idlxdoj736ds7v1y6
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: H2
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 7d4d7833c66c169637609c251363cfbf654a7a614daba84e571916ec4028ac0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:03 GMT
via: 1.1 google
server: nginx/1.19.0
cache-control: no-store
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

Redirect headers

location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=681&acid=QxWwHiG1AeqgGlzBnf7VYQ&id=idlxdoj736ds7v1y6
date: Wed, 05 Jan 2022 20:25:02 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 139
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 gcm
gocm.c.appier.net/ Frame CC25 42 B
309 B 254ms
254ms Image
image/gif 172.104.70.67
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.70.67 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1680-67.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:02 GMT
cache-control: no-store
server: nginx
content-type: image/gif
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK keyw_data.php Show response
my.xuite.net/service/keyword/api/external/ 582 B
951 B 1342ms
362ms Script
text/html 2001:b000:1c9:7600:0:a:d23d:3826
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xuite.net/service/keyword/api/external/keyw_data.php?pos=www&callback=jQuery111105305434558654925_1641414303041&_=1641414303042

Requested by

Host: img.xuite.net
URL: https://img.xuite.net/xui/combo/w/angel,bottomfooter,adarray,announce/p/cookie,cycle

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3826 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

81379f872082f5e98e828b54cec5e374f193805c644f39fe326db869277cba9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Jan 2022 20:25:04 GMT
Content-Encoding: gzip
Server: Apache
Host: my-01
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ 4 KB
2 KB 1430ms
391ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: img.xuite.net
URL: https://img.xuite.net/xui/combo/w/angel,bottomfooter,adarray,announce/p/cookie,cycle

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:04 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 01:23:36 GMT
server: nginx
etag: W/"61721298-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Wed, 05 Jan 2022 20:35:04 GMT

GET
H/1.1 200
OK logo-1.png
xuite.net/include/reboot/images/ 10 KB
10 KB 559ms
559ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3831
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xuite.net/include/reboot/images/logo-1.png
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:3831 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Apache /
Resource Hash: 41f5e63f37797d4b6d51861ea16b24b64d474f150846e357e378939679e912f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:25:03 GMT
Last-Modified: Wed, 18 Mar 2020 03:51:59 GMT
Server: Apache
Host: www-01
ETag: "5e719adf-2638"
Allow: GET, POST
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=3456000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 9784
Expires: Mon, 14 Feb 2022 20:25:03 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.xuite.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4623
date: Wed, 05 Jan 2022 19:08:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 05 Jan 2022 21:08:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1192722438&utmhn=m.xuite.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E9%9A%A...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6679755-11&cid=471147196.1641414303&jid=33389741&_v=5.7.2&z=1192722438

35 B
430 B

60ms
20ms

Image
image/gif

2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6679755-11&cid=471147196.1641414303&jid=33389741&_v=5.7.2&z=1192722438

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 05 Jan 2022 20:25:03 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jan 2022 20:25:03 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6679755-11&cid=471147196.1641414303&jid=33389741&_v=5.7.2&z=1192722438
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 368
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ 1 KB
2 KB 389ms
389ms XHR
application/json 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017005&s=201710000011&u=0634d984-605e-7a31-14c7-e76628c658be&ad=216d457d-bdab-9822-564d-709a249c8aaa&t=1641414303105&oi=3xpJy&site=https%3A%2F%2Fm.xuite.net%2Fhome%2Foklaqq&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017005%26s%3D201710000011%26u%3D0634d984-605e-7a31-14c7-e76628c658be%26ad%3D216d457d-bdab-9822-564d-709a249c8aaa%26t%3D1641414303105%26oi%3D3xpJy%26site%3Dhttps%253A%252F%252Fm.xuite.net%252Fhome%252Foklaqq&o=Hacc0
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 2b5e4e935a3c55113604e1a9d695ee414e6402a29179fbb2f020e8a40bd1c8a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://m.xuite.net
date: Wed, 05 Jan 2022 20:25:03 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1404
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 third
ssp.hinet.net/api/web/ 0
222 B 385ms
385ms Image
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/api/web/third?c=2017005&s=201710000011&th=87&wc=2108
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:03 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true

GET
H/1.1 200
OK blacklistapi.php Show response
img.xuite.net/xui/ 2 KB
980 B 284ms
283ms Script
text/javascript 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.xuite.net/xui/blacklistapi.php?callback=jQuery111105305434558654925_1641414303043&_=1641414303044
Requested by: Host: img.xuite.net
URL: https://img.xuite.net/xui/combo/w/angel,bottomfooter,adarray,announce/p/cookie,cycle
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd / PHP/5.4.16
Resource Hash: 4fab09927f9e0023e3685392a968a55ccc4a1df0a4c05ac99e9d3bb9ba5afe06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:25:03 GMT
Content-Encoding: gzip
Server: Lighttpd
Host: img-02
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: keep-alive
Expires: Wed, 05 Jan 2022 21:25:03 GMT

GET
H/1.1 200
OK getUnread.php Show response
my.xuite.net/service/message/api/external/ 34 B
711 B 871ms
289ms Script
text/javascript 2001:b000:1c9:7600:0:a:d23d:3826
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xuite.net/service/message/api/external/getUnread.php?_=1641414303045

Requested by

Host: img.xuite.net
URL: https://img.xuite.net/xui/combo/w/angel,bottomfooter,adarray,announce/p/cookie,cycle

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3826 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

2496f1b76aa46054edab81ea47cf82ac2d94a0189d71c9ca36c41fa3370cf694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Jan 2022 20:25:04 GMT
Content-Encoding: gzip
Server: Apache
Host: my-01
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame CC25 12 B
73 B 270ms
270ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=681&id=idlxdoj736ds7v1y6&upstream_hzid=HUAi9M-f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer: https://m.xuite.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Jan 2022 20:25:03 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: https://m.xuite.net
access-control-expose-headers
access-control-allow-credentials: true
alt-svc: clear
content-length: 12

GET
H2 200 gcm
gocm.c.appier.net/ Frame 99ED 42 B
309 B 255ms
255ms Image
image/gif 172.104.70.67
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=681&id=idlxdoj736ds7v1y6&upstream_hzid=HUAi9M-f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.70.67 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1680-67.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:03 GMT
cache-control: no-store
server: nginx
content-type: image/gif
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 / Show response
ssp.hinet.net/api/web/request/ Frame D28A 3 KB
1 KB 391ms
391ms Document
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/?c=2017005&s=201702000053&t=1641414299109&u=216d457d-bdab-9822-564d-709a249c8aaa&o=b8HIr&show=static&ca=&k=&cab=&kb=&mode=roll
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: ad15509027b05e8f36bc3a87648f084249b28e5f538ec6270248a95d53eddee3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/

Response headers

server: nginx
date: Wed, 05 Jan 2022 20:25:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame D28A 90 KB
32 KB 26ms
25ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017005&s=201702000053&t=1641414299109&u=216d457d-bdab-9822-564d-709a249c8aaa&o=b8HIr&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer: https://ssp.hinet.net/
Origin: https://ssp.hinet.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:03 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-169d5"
vary: Accept-Encoding
x-hw: 1641414303.dop031.ml1.t,1641414303.cds223.ml1.hn,1641414303.cds013.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H2 200 zone.js Show response
apn.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame D28A 3 KB
1 KB 270ms
270ms Script
text/html 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUAi9M-f
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017005&s=201702000053&t=1641414299109&u=216d457d-bdab-9822-564d-709a249c8aaa&o=b8HIr&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: c0c97682d4a9500419530f90c2420e18748a0ce11e541c2c7d2bd753cb793ddd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:04 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

GET
H2 200 zone.bid Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame D28A 269 B
283 B 263ms
262ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.bid?acid=QxWwHiG1AeqgGlzBnf7VYQ&hzid=HUAi9M-f
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUAi9M-f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 5a4da43853b7efaf293b8eeb73d7ff62d83e38e7fc79e72e06fd8cf173622367

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:04 GMT
content-encoding: gzip
server: nginx/1.19.0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame D28A 12 B
89 B 262ms
262ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pmp-beacon.apx.appier.net/v1/fpc?type=apn&event=pageview
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUAi9M-f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer: https://ssp.hinet.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Jan 2022 20:25:04 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ssp.hinet.net
access-control-expose-headers
access-control-allow-credentials: true
alt-svc: clear
content-length: 12

GET
H2 200 gcm
gocm.c.appier.net/ Frame A5E8 42 B
309 B 261ms
260ms Image
image/gif 172.104.70.67
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUAi9M-f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.70.67 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1680-67.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:04 GMT
cache-control: no-store
server: nginx
content-type: image/gif
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame A5E8
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=681&id=idlxdoj736ds7v1y6&upstream_hzid=HUAi9M-f
https://gocm.c.appier.net/aanet?id=idlxdoj736ds7v1y6&upstream_hzid=HUAi9M-f&url=ad2.apx.appier.net&zoneid=681
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=681&acid=QxWwHiG1AeqgGlzBnf7VYQ&id=idlxdoj736ds7v1y6

3 KB
1 KB

262ms
262ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=681&acid=QxWwHiG1AeqgGlzBnf7VYQ&id=idlxdoj736ds7v1y6
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017005&s=201702000053&t=1641414299109&u=216d457d-bdab-9822-564d-709a249c8aaa&o=b8HIr&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 82a7a2bc826f978cb4e0ff91da17bcfa8a2fcc23fa71cf463331c8b821627069

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
via: 1.1 google
server: nginx/1.19.0
cache-control: no-store
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

Redirect headers

location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=681&acid=QxWwHiG1AeqgGlzBnf7VYQ&id=idlxdoj736ds7v1y6
date: Wed, 05 Jan 2022 20:25:06 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 139
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 / Show response
t.ssp.hinet.net/ 37 B
404 B 386ms
385ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9e3af9a7e39f0a0097d0bed0b1f8ea5fe414550f3ed47613969e0766477ab6e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ 1 KB
1 KB 386ms
386ms XHR
application/json 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017005&s=201702000054&u=216d457d-bdab-9822-564d-709a249c8aaa&ad=216d457d-bdab-9822-564d-709a249c8aaa&t=1641414303786&oi=7dTCB&site=https%3A%2F%2Fm.xuite.net%2Fhome%2Foklaqq&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017005%26s%3D201702000054%26u%3D216d457d-bdab-9822-564d-709a249c8aaa%26ad%3D216d457d-bdab-9822-564d-709a249c8aaa%26t%3D1641414303786%26oi%3D7dTCB%26site%3Dhttps%253A%252F%252Fm.xuite.net%252Fhome%252Foklaqq
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 25f02e8a90158baa2b99fae0c81b6e22497d0edb1eece324298edaed00a63847

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://m.xuite.net
date: Wed, 05 Jan 2022 20:25:04 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1091
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 request Show response
ssp.hinet.net/api/web/ 3 KB
2 KB 396ms
396ms XHR
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request?c=2017005&s=201702000054&u=216d457d-bdab-9822-564d-709a249c8aaa&ad=216d457d-bdab-9822-564d-709a249c8aaa&t=1641414303786&oi=E5gnf&site=https%3A%2F%2Fm.xuite.net%2Fhome%2Foklaqq&o=nDazY
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: c730940e3b39f3d28a237fc2160d69c5726ff1f6faa036397e888bfe3a1b5ab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame 874C 90 KB
32 KB 19ms
19ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer: https://m.xuite.net/
Origin: https://m.xuite.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:05 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-169d5"
vary: Accept-Encoding
x-hw: 1641414305.dop031.ml1.t,1641414305.cds223.ml1.hn,1641414305.cds013.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 874C 79 KB
27 KB 51ms
17ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

f5753aa7658345c5b491b736513f2888df4e0c58e7a19c0e7951cc24abbee9e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26956
x-xss-protection: 0
server: sffe
etag: "1093 / 303 of 1000 / last-modified: 1641382096"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Jan 2022 20:25:05 GMT

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ 17 B
186 B 401ms
401ms XHR
application/json 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017005&s=201702000054&u=216d457d-bdab-9822-564d-709a249c8aaa&ad=216d457d-bdab-9822-564d-709a249c8aaa&t=1641414303786&oi=To4mC&site=https%3A%2F%2Fm.xuite.net%2Fhome%2Foklaqq&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017005%26s%3D201702000054%26u%3D216d457d-bdab-9822-564d-709a249c8aaa%26ad%3D216d457d-bdab-9822-564d-709a249c8aaa%26t%3D1641414303786%26oi%3DTo4mC%26site%3Dhttps%253A%252F%252Fm.xuite.net%252Fhome%252Foklaqq
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: e091e49dfd6df3afa2eadfb799c8703d4de4181707813348004d335bccf5f0a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://m.xuite.net
date: Wed, 05 Jan 2022 20:25:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 17
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 request Show response
ssp.hinet.net/api/web/ 3 KB
2 KB 388ms
388ms XHR
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request?c=2017005&s=201702000054&u=216d457d-bdab-9822-564d-709a249c8aaa&ad=216d457d-bdab-9822-564d-709a249c8aaa&t=1641414303786&oi=OpJQn&site=https%3A%2F%2Fm.xuite.net%2Fhome%2Foklaqq&o=EIcgk
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 5423a325ed07524c28a5c9eb207b2ef3420eb55bdeebbac2d3cc4bf1d2b7314f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame 236D 90 KB
32 KB 23ms
23ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer: https://m.xuite.net/
Origin: https://m.xuite.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-169d5"
vary: Accept-Encoding
x-hw: 1641414306.dop031.ml1.t,1641414306.cds223.ml1.hn,1641414306.cds013.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 236D 79 KB
26 KB 31ms
17ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

91ba5fd7f3b044739686c5558ef90c464271a94385010f7f27a39d5d8d94cf52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27061
x-xss-protection: 0
server: sffe
etag: "1093 / 384 of 1000 / last-modified: 1641382001"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Jan 2022 20:25:06 GMT

GET
H2 200 third
ssp.hinet.net/api/web/ 0
222 B 374ms
374ms Image
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/api/web/third?c=2017005&s=201702000054&th=29&wc=3216
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true

GET
H/1.1 200
OK undefined
m.xuite.net/home/ 14 KB
14 KB 565ms
565ms Image
text/html 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.xuite.net/home/undefined

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/home/oklaqq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Jan 2022 20:25:06 GMT
Content-Encoding: gzip
Allow: GET, POST
Server: Apache
Host: m-03
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'self'
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ 30 B
273 B 391ms
391ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=218c9fbc-ed6d-497b-8937-45d3c78cd224

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
218c9fbc-ed6d-497b-8937-45d3c78cd224.t.ssp.hinet.net/ 0
80 B 2162ms
384ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://218c9fbc-ed6d-497b-8937-45d3c78cd224.t.ssp.hinet.net/pixel?bd=218c9fbc-ed6d-497b-8937-45d3c78cd224&t=hinet

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:08 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 app.js Show response
ssp.hinet.net/api/ 28 KB
8 KB 372ms
372ms Script
application/javascript 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/app.js
Requested by: Host: xuite.net
URL: https://xuite.net/oklaqq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 8d47911578eba021abc2c449e64f90caaee7b9c002e4067e8f02ba7a4b199031

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 pubads_impl_2022010404.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 874C 351 KB
118 KB 16ms
16ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010404.js?31063977

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

03fc68df1e139e553e59d20343974ee0658a802659955b4b860d2f674479d170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120664
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 16:10:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Jan 2022 20:25:06 GMT

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 236D 348 KB
117 KB 16ms
16ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Jan 2022 20:25:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 874C 107 B
538 B 64ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010404.js?31063977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 874C 107 B
549 B 46ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010404.js?31063977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 874C 19 KB
9 KB 53ms
53ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4404848956003455&correlator=2926746146496339&output=ldjh&impl=fifs&eid=31061815%2C31063943%2C31063977&vrg=2022010404&ptt=17&sc=1&sfv=1-0-38&ecs=20220105&iu_parts=22590772197%2Cxuite_bloghp&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&cdm=m.xuite.net&bc=31&abxe=1&lmt=1641414306&dt=1641414306174&dlt=1641414304873&idt=1286&ea=0&frm=23&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=4239621017&ucis=7632hei1i7fo&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2Fm.xuite.net%2Fhome%2Foklaqq&top=https%3A%2F%2Fm.xuite.net%2Fhome%2Foklaqq&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=471147196.1641414303&ga_sid=1641414303&ga_hid=1754094135&ga_fc=true&fws=260&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010404.js?31063977

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

3e1472923732cf9e0f1aee885320a9ae1a0d91825486a7b1fd49cf4f5c59d2de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8816
x-xss-protection: 0
google-lineitem-id: 5785078022
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138372285473
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET container.html
9339489a3603bfdcd3aaaeaf4ad3bb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1414 0
0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 236D 107 B
165 B 24ms
23ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 236D 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 236D 19 KB
9 KB 51ms
50ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4176609852478646&correlator=1334569496899654&output=ldjh&impl=fifs&eid=31063951%2C31063246&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220105&iu_parts=22590772197%2Cxuite_bloghp&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&cdm=m.xuite.net&bc=31&abxe=1&lmt=1641414306&dt=1641414306223&dlt=1641414305683&idt=525&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=650&adys=346&adks=4239621017&ucis=blssxfenkezo&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fm.xuite.net%2Fhome%2Foklaqq&top=https%3A%2F%2Fm.xuite.net%2Fhome%2Foklaqq&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=471147196.1641414303&ga_sid=1641414303&ga_hid=392404291&ga_fc=true&fws=260&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

bc9bb7440c95e6bf16b5f6299c8e3d1bc8c750cb0924066c4261412cf91ef562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8792
x-xss-protection: 0
google-lineitem-id: 5785078022
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138372285473
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET container.html
708f07f6bfc9157b369d72371bb4ddc5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 303F 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A1E7 0
0 45ms
45ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyDWnQFkh66btvTgu4ULXXWM92YH8GRIKV6Ngmk3K00nM3UR8W8qfMC77fp_dxLe0V30YyBWAAMdrsNi_TvnygKi3RcosjszSjTw3LLg3HB1t10YNWnpiIz03GvUnTzEqwki-KWcUymSWs5GCdjhgothogv8zwUu5pi-N-LXPmXATYA298zAavBZB3HFsGgLxTe4MQKVdV5Q2jpnfygL9XNcZUfS-G8NTA-SL51Tau29gwDwg31VjIuWd8Eg3pCUXeIh2c1c_gGw1tN_Y-QGXBdt7pVGAHII6MmaAetdH6Yj-T921MdME&sai=AMfl-YRCF_AbyYO_lZ3OBg2kOeUae_S7ev_KOcP4vQYfqr10dc-rQSDXP8dUr43FDnRCX9ST8fDWcE0-HY9yriGVFxSdKeT5bu2qwqLA3wNRKg-2N6zuccmbLojFDBKkrxQ&sig=Cg0ArKJSzJYuVRAp6tnmEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: xuite.net
URL: https://xuite.net/oklaqq

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 Jan 2022 20:25:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 05 Jan 2022 20:25:06 GMT

GET
H2 200 admax_api_https.js Show response
web.ssp.yahoo.com/js/admax/ Frame A1E7 3 KB
3 KB 88ms
9ms Script
application/javascript 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.ssp.yahoo.com/js/admax/admax_api_https.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010404.js?31063977
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: d77b5fa8ab16e810b58ac909b4ad45c6568dfc3ff491d16567fce40288bf087d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
last-modified: Wed, 05 Jan 2022 13:45:11 GMT
server: ATS/9.1.0.33
age: 0
accept-ranges: bytes
content-length: 2651
content-type: application/javascript

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A1E7 119 KB
37 KB 46ms
18ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010404.js?31063977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Jan 2022 20:25:06 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 236D 11 KB
9 KB 42ms
19ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eb5929eae1e0e3d3c81801124e1d14a54e09769a16bf52973291f274194102d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8536
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5ED9 0
0 43ms
42ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvL9VNfR482meoIvgs7u_hEmzKCSNNWjROVhF68wEjHcAhmGTnG2FogK5q-FEE1z8VKXG_JiI3WP39-Zbz1-Fui0bYIXVLPvBFsCAu9tJeVFJM9ngjYSCBaSChPs20ReyZ6R5gCSUdbNIDmNK0sgUrPR2qZIdAJw0LNZST6wLpUIjx32Yg7TE2abClGnfMUDDKhCU5Cwg7epk25ffPhulw7qAzVOEeCAf0ePq3Z98AmlLto9FDQL_7cX_VHZz3N6DvQS7xfm8lEwCta1vb-p5NCngyzG2O2MqPnFS3-j920abtT7tkyobs&sai=AMfl-YSsVi_eop34GL-dfGNJGkyR7tkxHfWAeb8s7jk8zvpH8aN8XMJlngmJwMs1iEARwap_Z_d6kpQLR2xWJMooa_bMi2f5X7pbSEylx6csLrwJP34DGm-KeGP3BFYqM2Q&sig=Cg0ArKJSzLTz6-1JoJkvEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: xuite.net
URL: https://xuite.net/oklaqq

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 Jan 2022 20:25:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 admax_api_https.js Show response
web.ssp.yahoo.com/js/admax/ Frame 5ED9 3 KB
3 KB 41ms
10ms Script
application/javascript 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.ssp.yahoo.com/js/admax/admax_api_https.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: d77b5fa8ab16e810b58ac909b4ad45c6568dfc3ff491d16567fce40288bf087d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
last-modified: Wed, 05 Jan 2022 13:48:34 GMT
server: ATS/9.1.0.33
age: 0
accept-ranges: bytes
content-length: 2651
content-type: application/javascript

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5ED9 119 KB
36 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Jan 2022 20:25:06 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 236D 17 KB
7 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Jan 2022 20:25:06 GMT

GET
H2 200 adServe.do Show response
prod-m-node-3113.ssp.yahoo.com/admax/ Frame A1E7 3 KB
3 KB 276ms
97ms Script
application/x-javascript 52.29.134.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adServe.do?cTag=ad812824&dcn=8a969104017d7d252b7227ff92c10045&pos=8a9695de017d7d2958b52b7bcc210026&grp=&gpid=&secure=1&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.93%20Safari/537.36&of=js
Requested by: Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/js/admax/admax_api_https.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.134.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-134-168.eu-central-1.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: 6a611499423ea7871d0ee1eaa3cf58cc4f286f6e9f336960a990181b46abb430

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jan 2022 20:25:06 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
server: nginx/1.20.1
content-type: application/x-javascript;charset=utf-8
content-length: 3059
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adServe.do Show response
prod-m-node-3113.ssp.yahoo.com/admax/ Frame 5ED9 3 KB
3 KB 241ms
62ms Script
application/x-javascript 52.29.134.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adServe.do?cTag=ad287907&dcn=8a969104017d7d252b7227ff92c10045&pos=8a9695de017d7d2958b52b7bcc210026&grp=&gpid=&secure=1&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.93%20Safari/537.36&of=js
Requested by: Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/js/admax/admax_api_https.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.134.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-134-168.eu-central-1.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: 893fa65f77fe7edb9c7ce7d38eafc50694f210402a4b693bd457e4acd2e26341

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jan 2022 20:25:06 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
server: nginx/1.20.1
content-type: application/x-javascript;charset=utf-8
content-length: 3059
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7EA9 13 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Wed, 05 Jan 2022 18:32:35 GMT
expires: Thu, 05 Jan 2023 18:32:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6751
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2959 783 B
1 KB 38ms
16ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6b6b1cd19e67884c0a0bf95dde5afbccbc59395fa8d2abcdc4caab1d127ab311

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lZMdo4qCC5HZYIXzo8HwQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 05 Jan 2022 20:25:06 GMT
date: Wed, 05 Jan 2022 20:25:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-lZMdo4qCC5HZYIXzo8HwQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame 7EA9 35 KB
13 KB 28ms
10ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 17:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 17:44:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2959 0
0 53ms
51ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=4176609852478646&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 request Show response
ssp.hinet.net/api/web/ Frame 3FDB 459 B
526 B 391ms
391ms Document
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request?c=2017005&s=201702000058&u=0634d984-605e-7a31-14c7-e76628c658be&ad=216d457d-bdab-9822-564d-709a249c8aaa&t=1641414306467&oi=STX7h&site=https%3A%2F%2Fm.xuite.net%2Fhome%2Foklaqq&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017005%26s%3D201702000058%26u%3D0634d984-605e-7a31-14c7-e76628c658be%26ad%3D216d457d-bdab-9822-564d-709a249c8aaa%26t%3D1641414306467%26oi%3DSTX7h%26site%3Dhttps%253A%252F%252Fm.xuite.net%252Fhome%252Foklaqq&o=undefined
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 12036c24d13bca94a73e4111a1ae74b78019699aa261d67cb302355577a54a20

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/

Response headers

server: nginx
date: Wed, 05 Jan 2022 20:25:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 236D 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=4176609852478646&bg=!gIOlg8fNAAZKWFskSlg7ACkAdvg8WntgW04Gzt-yIED19AsjZ67rokIBGDg57eA25H4UyJHi-7A4xwIAAABYUgAAAAhoAQcKABFUYlSnUtpFllTbJ65nVh2NS5kCu-5JZbfIlfEAFTbvLtQ8Th5eRgGbun47IQ5VXQcj3Fd1uvoGt6V7LZkBtTIlUvLyPceeV7cUIjWUOVhO9N6wd7p9LlGpdeh8pe-Xrw-Lo5pmTGUcKFyydnZI1LUhCfCQcNaCU-JdiB1Frc7XEHcX6iLZGHNByiGmM35l_HM7fGMLY6QbZzo0LG1j1hDQG0Z8iyoOxS3pTqNW1HGQtH6q3weZvC-sKj3EoHduD9YvOpoUV745rhxAP2I-WJznrVqnM-O3YBS1xTpIrg8D1HyJ9WY6NhODszhbI2rwzFws5eg0cguOePFbps67pOOyDpDU32IciIY4Q6y6xv72iyRcrmEss12eMCzjlf6ckEtRCgkU-zEdJ-bcEcwJCmD349XnyVH_-M1Ru9vqumrcqH54qiijAfJl-CBgAgRKXDo9XSqnA4l9Dx1osMIHonXm_YsTVofw3EW76QzXRTGJH4AVpzyU_q-drpFXUHGH7UY3Ax083O_q6ZswgNVp23uU2SH35Em5avUhMsV1IRlN-PnYSSnb0WWgznOfXovBu1qXqjJnlW_f1h-fjZNXiB28Ba0pLA4favHoJlxzVztMxHB1kG9nAXQ7xpniNUtTjv3A8TUJzOBY4xT_Rj1qo1sXMGL0zBYMx7nvmX2_hPDYsE7MXGH-af9UjAkg9JERwg5FxRQ0m80PuYZMxnzvrW5O-8aG42Lpaxmlyr_RBDviBTSPXvrnY2NkDXuX-mpOx2kRxX0VFZChXDMtGR271AUDVhHfP2oOgrt5KpO6l1YbL__3hGnGX5OPr6Ry7h2SSzHwNGgh8RBlyjhzCEOm9kG2-y9Hw4v1mnYrR_bHzA9O-25DhDTS-f2cfMN8cYtzSH9BcP3THWcfvdo1hiVR85nnvE1gJWH20wRBvQFTCx589unKPkXrF8pSB3vhQnEAkA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jan 2022 20:25:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5ED9 145 KB
51 KB 44ms
29ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1311151640559524

Requested by

Host: prod-m-node-3113.ssp.yahoo.com
URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adServe.do?cTag=ad287907&dcn=8a969104017d7d252b7227ff92c10045&pos=8a9695de017d7d2958b52b7bcc210026&grp=&gpid=&secure=1&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.93%20Safari/537.36&of=js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0fa25cfd0830112aa27a81d10cd54949326920237aa74dd107b222db47659b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Origin: https://m.xuite.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51817
x-xss-protection: 0
server: cafe
etag: 14638367144332764081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Jan 2022 20:25:06 GMT

GET
H2 200 talon-1.0.37.js Show response
cdn.js7k.com/ix/ Frame 5ED9 76 KB
18 KB 107ms
25ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.37.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

95980e999cb7c8e1d3ed8d1b392493b3720a4afca2a17a8ddaa14de12e8a4832

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 18:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5408
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 17735
x-amz-id-2: 0KZ4E+rP9PwVY+DOgkDUvVrneeJhOuHQrz4k8k1M5yK2MuQiPmjzlQSYVIfpLA38csdBOwVM2oI=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:57:38 GMT
server: ATS
etag: "89552f1206dff50a36eaa1887718e2c3-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: Z4FXPAWMK8SMZ2GR
x-xss-protection: 1; mode=block
cache-control: public,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 adEvent.do
prod-m-node-3113.ssp.yahoo.com/admax/ Frame 5ED9 43 B
175 B 8ms
7ms Image
image/gif 52.29.134.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adEvent.do?tidi=770955515&dcn=8a969104017d7d252b7227ff92c10045&posi=1605380&grp=%3F%3F%3F&nl=1641414306572&rts=1641414306519&pix=1&et=1&a=a97bad69b5d54e93a069670de938a6a6&m=aXAtMTAtMjItMTEyLTE5MA..&b=MTMxMDc7UHVibGlzaGVyIFBhc3NiYWNrIFNlYXQ7Pz8_Ozs7O2YwNTdjYjNjNzBlYjQ2MjRiYjk3YzlhNTZhMmQ5OGMxOzMwNTI2OTU1OzE2NDE0MTEwMDA7OzA7OzA7O3Bhc3NiYWNrLTEyNzYwOzs.&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxERVU.&af=7&dety=5
Requested by: Host: prod-m-node-3113.ssp.yahoo.com
URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adServe.do?cTag=ad287907&dcn=8a969104017d7d252b7227ff92c10045&pos=8a9695de017d7d2958b52b7bcc210026&grp=&gpid=&secure=1&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.93%20Safari/537.36&of=js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.134.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-134-168.eu-central-1.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
last-modified: Tue, 04 Jan 2022 23:42:26 GMT
server: nginx/1.20.1
accept-ranges: bytes
content-length: 43
content-type: image/gif

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A1E7 146 KB
51 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1311151640559524

Requested by

Host: prod-m-node-3113.ssp.yahoo.com
URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adServe.do?cTag=ad812824&dcn=8a969104017d7d252b7227ff92c10045&pos=8a9695de017d7d2958b52b7bcc210026&grp=&gpid=&secure=1&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.93%20Safari/537.36&of=js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6c59c4e7e56198a12c2ab1972fc223e9e6736d6ceefc2f24d0e0663eb22ce32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Origin: https://m.xuite.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51811
x-xss-protection: 0
server: cafe
etag: 10798112520200106099
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Jan 2022 20:25:06 GMT

GET
H2 200 talon-1.0.37.js Show response
cdn.js7k.com/ix/ Frame A1E7 76 KB
17 KB 93ms
45ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.37.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

95980e999cb7c8e1d3ed8d1b392493b3720a4afca2a17a8ddaa14de12e8a4832

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 18:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5408
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 17735
x-amz-id-2: 0KZ4E+rP9PwVY+DOgkDUvVrneeJhOuHQrz4k8k1M5yK2MuQiPmjzlQSYVIfpLA38csdBOwVM2oI=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:57:38 GMT
server: ATS
etag: "89552f1206dff50a36eaa1887718e2c3-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: Z4FXPAWMK8SMZ2GR
x-xss-protection: 1; mode=block
cache-control: public,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 adEvent.do
prod-m-node-3113.ssp.yahoo.com/admax/ Frame A1E7 43 B
175 B 9ms
8ms Image
image/gif 52.29.134.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adEvent.do?tidi=770955515&dcn=8a969104017d7d252b7227ff92c10045&posi=1605380&grp=%3F%3F%3F&nl=1641414306606&rts=1641414306519&pix=1&et=1&a=8768d6c3d45d4e828df049e2a19b49c8&m=aXAtMTAtMjItMTAyLTEzMA..&b=MTMxMDc7UHVibGlzaGVyIFBhc3NiYWNrIFNlYXQ7Pz8_Ozs7O2QyMGNiMjU3NWNhZjQyNzJhM2Q0NTRlMTEyNTQwYmI1OzMwNTI2OTU1OzE2NDE0MTEwMDA7OzA7OzA7O3Bhc3NiYWNrLTEyNzYwOzs.&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxERVU.&af=7&dety=5
Requested by: Host: prod-m-node-3113.ssp.yahoo.com
URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adServe.do?cTag=ad812824&dcn=8a969104017d7d252b7227ff92c10045&pos=8a9695de017d7d2958b52b7bcc210026&grp=&gpid=&secure=1&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.93%20Safari/537.36&of=js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.134.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-134-168.eu-central-1.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
last-modified: Tue, 04 Jan 2022 23:42:26 GMT
server: nginx/1.20.1
accept-ranges: bytes
content-length: 43
content-type: image/gif

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame A5E8 12 B
73 B 262ms
262ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=681&id=idlxdoj736ds7v1y6&upstream_hzid=HUAi9M-f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer: https://ssp.hinet.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ssp.hinet.net
access-control-expose-headers
access-control-allow-credentials: true
alt-svc: clear
content-length: 12

GET
H2 200 gcm
gocm.c.appier.net/ Frame E8D2 42 B
309 B 255ms
254ms Image
image/gif 172.104.70.67
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=681&id=idlxdoj736ds7v1y6&upstream_hzid=HUAi9M-f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.70.67 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1680-67.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
cache-control: no-store
server: nginx
content-type: image/gif
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 / Show response
ssp.hinet.net/api/web/request/ Frame D28A 4 KB
2 KB 388ms
388ms Document
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/?c=2017005&s=201702000053&t=1641414299109&u=0634d984-605e-7a31-14c7-e76628c658be&o=b8HIr&show=static&ca=&k=&cab=&kb=&mode=roll
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017005&s=201702000053&t=1641414299109&u=216d457d-bdab-9822-564d-709a249c8aaa&o=b8HIr&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: c10b9f1663c17b87bbf86b0bb0901325bcae6eeb33e891af95781231cce255ba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/api/web/request/?c=2017005&s=201702000053&t=1641414299109&u=216d457d-bdab-9822-564d-709a249c8aaa&o=b8HIr&show=static&ca=&k=&cab=&kb=&mode=roll

Response headers

server: nginx
date: Wed, 05 Jan 2022 20:25:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://ssp.hinet.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ Frame 5ED9 276 KB
99 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1311151640559524&plah=m.xuite.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1311151640559524

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dedff4a3cc7757e0127bd5df8b2b750223b3773c0c16becddee432038385251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101740
x-xss-protection: 0
server: cafe
etag: 16642781866175142959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 Jan 2022 20:25:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame FA63 11 KB
5 KB 31ms
8ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1311151640559524

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 05 Jan 2022 18:36:45 GMT
expires: Wed, 19 Jan 2022 18:36:45 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 6501
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ca-pub-1311151640559524 Show response
fundingchoicesmessages.google.com/i/ Frame 5ED9 80 KB
28 KB 66ms
37ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1311151640559524?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1311151640559524&plah=m.xuite.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a8274c46ec3f7a1cc1b66172a51a81fb69ed16b28bec9a3ee422525323b43ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mrNPSN607IPM8E/CkHfjUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-mrNPSN607IPM8E/CkHfjUw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-mrNPSN607IPM8E/CkHfjUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-mrNPSN607IPM8E/CkHfjUw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
date: Wed, 05 Jan 2022 20:25:06 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5ED9 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-1311151640559524&eid=44750774%2C44753743

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jan 2022 20:25:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5ED9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 595883f03dfabd439f283b5d5f5f2f3a4aa3dd4611a525e496003de3f8531cb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/ Frame A1E7 282 KB
101 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1311151640559524&plah=m.xuite.net&bust=31063947

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1311151640559524

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3d922c88faa2c6e4deffa0ea6996140613be579bf7b74d50944a7b8a93f5317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103760
x-xss-protection: 0
server: cafe
etag: 10959866207574480704
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 Jan 2022 20:25:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5ED9 0
0 56ms
41ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZhyGFETbQfzysqVw_nH5nGjet7ROybv1UvNoSgnmZjBthU8yKX9z8Df9942k2IG8PG3NDl_vPTxQo65Mkdi-sS7rj6FSIptSAPqDs3s9d4zRv2VQu9E2zxxTYVp0-tavBb5almNlWxJWrltmkv7V_bvlqlqb1h2gUGA7PKhgUwtkTcnyEJt3Lw1NF07i_Vg62DVBnNsVKJRVFzAGpzYnV2MNBHJHtiDKqPTtt8gSjJJ8xAACpQGCCBntp82bIv-wae2njqx-v84wASHUL3RYvHEbq99F7DUuB8ThgGcc955-0pg5zDPCbRA&sai=AMfl-YSMt6SU-QFnU4-1shmzeIbF7eLks271biy9oEobq7wsJtrxYAFvRpVraGz_AV_9_21ZwkQ4WqXDM64cRC-FKVbdGngjgmdUWJO43QYvitokpJzgGQ16I5cgHHupdBw&sig=Cg0ArKJSzIdCAyQaQZJdEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 Jan 2022 20:25:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 05 Jan 2022 20:25:06 GMT

GET
H3 200 ca-pub-1311151640559524 Show response
fundingchoicesmessages.google.com/i/ Frame A1E7 80 KB
28 KB 52ms
37ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1311151640559524?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1311151640559524&plah=m.xuite.net&bust=31063947

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c873b709e0fa7e03bda4b19b7478d12068b792ffc159eaeafa5cbd52d042783

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SVHoj/qiOtLI/n57hO0nlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-SVHoj/qiOtLI/n57hO0nlQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-SVHoj/qiOtLI/n57hO0nlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-SVHoj/qiOtLI/n57hO0nlQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
date: Wed, 05 Jan 2022 20:25:06 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A1E7 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-1311151640559524&eid=44750774%2C44753743%2C31063947

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/home/oklaqq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jan 2022 20:25:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
ssp.hinet.net/api/ Frame 3FDB 106 B
302 B 383ms
383ms Image
application/octet-stream 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/api/pixel?bd=7bf1450d350ba4596fea247f55762c18585e6ba429460ddf356d475d8341e167&ch=2017005
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request?c=2017005&s=201702000058&u=0634d984-605e-7a31-14c7-e76628c658be&ad=216d457d-bdab-9822-564d-709a249c8aaa&t=1641414306467&oi=STX7h&site=https%3A%2F%2Fm.xuite.net%2Fhome%2Foklaqq&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017005%26s%3D201702000058%26u%3D0634d984-605e-7a31-14c7-e76628c658be%26ad%3D216d457d-bdab-9822-564d-709a249c8aaa%26t%3D1641414306467%26oi%3DSTX7h%26site%3Dhttps%253A%252F%252Fm.xuite.net%252Fhome%252Foklaqq&o=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: c2b3bd344266b0e4a44b8add0800dcbf04237255843c23d507a924b6584f9889

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/api/web/request?c=2017005&s=201702000058&u=0634d984-605e-7a31-14c7-e76628c658be&ad=216d457d-bdab-9822-564d-709a249c8aaa&t=1641414306467&oi=STX7h&site=https%3A%2F%2Fm.xuite.net%2Fhome%2Foklaqq&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017005%26s%3D201702000058%26u%3D0634d984-605e-7a31-14c7-e76628c658be%26ad%3D216d457d-bdab-9822-564d-709a249c8aaa%26t%3D1641414306467%26oi%3DSTX7h%26site%3Dhttps%253A%252F%252Fm.xuite.net%252Fhome%252Foklaqq&o=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:07 GMT
last-modified: Thu, 13 Feb 2020 05:50:28 GMT
server: nginx
etag: "5e44e3a4-6a"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 106

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A1E7 0
0 41ms
40ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst35-SttvChwWQRoUoti_t73BbSTNmGjxv3Xl45F1hiAhGKoosTYIfnTsDF6w8WjvHw_z9DNWBLvRjzR7thtTF9VbLBcVLZiOkk0kCtn8tqgRqvFDAibPSGPncOTLEQjalqg4nUDsFgz31BS30jXTrZ2WImr3iCL8MW_yCBOU7sNmQ11TXH5X2coglv4RdBmILd4esgsFwGBmbHKMGrWNpSUtewY8rJm-koT0BZ-RpcnOGCpq2IAuu4MK1IhXzntDYcDxvnSG7MfexNJcMwgiFtdh35Fa6mbNMHn1vDE73Qsvay-R7XewaoEQ&sai=AMfl-YRBRKAynvT9pdbMlsY1d0wGWykwV-oEnUMxFiC9AfU_mK6O5uOW75L-P9BGFH2UFA-4tdKrzdjBsy5ZI2bv-lCbA72jVlHi7nT4OlEtrAHxvDb-rNXC2qlsKYOw-og&sig=Cg0ArKJSzPF4VMY6PMG-EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 Jan 2022 20:25:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 05 Jan 2022 20:25:06 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 874C 11 KB
8 KB 20ms
19ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022010404&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010404.js?31063977

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb2114d1abd3e616d8dc4d960fb234916c29cc4bc4a65f43829af1f4ff99f71f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 Jan 2022 20:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8560
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 874C 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010404.js?31063977

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Jan 2022 20:25:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E07 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Wed, 05 Jan 2022 18:32:35 GMT
expires: Thu, 05 Jan 2023 18:32:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 37EC 783 B
537 B 32ms
17ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90c5b0404204629c6782fa775c983ccd499b1ddb8e663d6fffe474113b49bb44

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EzXmV4HBzZRw25tPP/XMAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 05 Jan 2022 20:25:07 GMT
date: Wed, 05 Jan 2022 20:25:07 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-EzXmV4HBzZRw25tPP/XMAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame D28A 90 KB
32 KB 22ms
21ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017005&s=201702000053&t=1641414299109&u=0634d984-605e-7a31-14c7-e76628c658be&o=b8HIr&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer: https://ssp.hinet.net/
Origin: https://ssp.hinet.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:07 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-169d5"
vary: Accept-Encoding
x-hw: 1641414307.dop031.ml1.t,1641414307.cds223.ml1.hn,1641414307.cds013.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame D28A 122 KB
39 KB 113ms
57ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017005&s=201702000053&t=1641414299109&u=0634d984-605e-7a31-14c7-e76628c658be&o=b8HIr&show=static&ca=&k=&cab=&kb=&mode=roll

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

833af79fceebd91289eb5aac891019a7e5bd2a99f74fbd8d8430f52d6f908f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:07 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-1e6ef"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 06 Jan 2022 20:25:07 GMT

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E07 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 17:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 17:44:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 37EC 0
0 54ms
54ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022010404&jk=4404848956003455&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 874C 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022010404&jk=4404848956003455&bg=!0NOl05fNAAZKWFskSlg7ACkAdvg8WpjBaz2n2S76MM-TeA7WdWmvum1_OmJReYaOKDDkoQcMJO9_hAIAAABYUgAAAApoAQcKAEKNCa16EjIsNb0OknplavoTRGJ3RbWq1FhnUNUOCi4vM9Z72jPxq7A-uWiULUb7Isq5ATrrAx7sBE5l0WuVnqO2AH2ZAu1hNmqLD4lizxFJsuL6Iz5LIWJ1IM3_4R79WoV4iH0Mwpyirk6WolHcSat6pHQN9bu2AcHv1RhYIWcKS6kntE9749r2WYHJ7woPruycjBtTp3SmEBYcqd2aNWoh2ZX-UUxnHonTi9r9BJif3ohJ9NNn8GZDYEMZkGpXkYhMN97q3vCgc4i7VLGA3IxjQq-9s617rxqgVxdNMQaSuLVPNxbNgybqLYD-FB_CEx-fpYnRzIflvE1QKHVi141OQ7479mCIUX8VqUCDdhbq_-YPQEelNuy8nYx6bONU9jqLtUoQQAV-gTDnjH1jRhXPW4W-rDa_XnpWkyRK6QI3sjctinmJUI6qYG55PpA6yZkWyHjysN-VLOodQLvct7xdmsRIGdNPrzGYzEIywyyn4FcvGTcmAH2WaGt4vtiz4H504fNCREJGMUGhno9Cb7mbNPa06Cn7irHJRy-zHNORIo4g0F1H9iGF1glUntaZngmaD6XuizJTPDWZYXaZTQJoVLJqq6UvtlwMdgtIOJ2FA9TMxraYk1FJyp5_UvesaMo7KlkM5--dcmJChHDadXYDP99Upg8OHrCTf6LkQMHTthVi5mHqKoLaTBa-lBmCgsd-FGoqLh8gs5Tf_6uyFxUQxoYd-IDLcwbqfGs7mK6pUpPBohfzZjTDPnzCbxUK3Hkd7Kho7U0lzypFFBkBEogxGZwrqtTTwkOv-5k9f1zxYQjQugH2laLKvmKGwG1yH4rl3mY6SDN75eqZBEP9cxh8z-tEe1pGnjSe8sEnA1GaEPqvvdz-38XtMcAFx6eep1GTAOwYaM4PtUZLZsNm_kK9kGXZTBQz3DPP6TC_CtHFsvhMhfqbC8Rk73EpjFMdfKWmx12FK7OZxdxX8emi_90hKduTZzmSuAETVjWiOVIrlTi1KZIO51c5DRLdYpcw8CjVJ2dnKX_DEDmvbpVOtju86DQm1vrUENYDR8Wuor_wlelpGyOmFlzQzlS8rrhR2h8gbw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jan 2022 20:25:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame D28A 0
214 B 236ms
17ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=117&profileId=184&cb=25241265752

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ssp.hinet.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://ssp.hinet.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A23D 9 KB
4 KB 44ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=m.xuite.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

a06b2069a29e8ec11194fafb2d80577880568e27d910e6eaa67e712a90fbb9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1781
date: Wed, 05 Jan 2022 20:25:06 GMT
content-length: 4160
strict-transport-security: max-age=31536000; preload;

GET

sid
mug.criteo.com/ Frame A23D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ssp.hinet.net&sn=ChromeSyncframe&so=0&topUrl=m.xuite.net&lsw=1
https://mug.criteo.com/sid?cpp=vMSCmXxBUmFOdnV4Y0hQMlJWZWRMck9jcjI0aFJHdG1SYWh4ZElNQTloYjMrclNYdHVacmNMLzEybXZicmpWeFdGTHY4OGpjamJTU011MHdiTFIyNVZpenQzTGNSRE0zTFJGSTV0bUdqcStoK0FWRlBEUDR2WDJIdTYrV0...

0
0

POST
H2 204 events
bidder.criteo.com/csm/ Frame D28A 0
214 B 15ms
15ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ssp.hinet.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Jan 2022 20:25:06 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://ssp.hinet.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame D28A 43 B
365 B 34ms
33ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:07 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 31 Dec 2022 20:25:07 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame D28A 43 B
365 B 27ms
26ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:07 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 31 Dec 2022 20:25:07 GMT

POST
H2 200 iev
csm.nl.eu.criteo.net/ Frame A23D 43 B
245 B 125ms
14ms Ping
image/gif 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.nl.eu.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=m.xuite.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://gum.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 05 Jan 2022 20:25:07 GMT
server: Finatra
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 / Show response
ssp.hinet.net/api/web/request/ Frame D28A 3 KB
2 KB 390ms
390ms Document
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/?c=2017005&s=201702000053&t=1641414299109&u=0634d984-605e-7a31-14c7-e76628c658be&o=b8HIr&show=static&ca=&k=&cab=&kb=&mode=roll
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017005&s=201702000053&t=1641414299109&u=0634d984-605e-7a31-14c7-e76628c658be&o=b8HIr&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 96d93e76c1782796c56ca32abb1aa999f0e340ee06efcde53a570cd9bd569e03

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/api/web/request/?c=2017005&s=201702000053&t=1641414299109&u=0634d984-605e-7a31-14c7-e76628c658be&o=b8HIr&show=static&ca=&k=&cab=&kb=&mode=roll

Response headers

server: nginx
date: Wed, 05 Jan 2022 20:25:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://ssp.hinet.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5ED9 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEGaK6zVXAqiwcIJ7tVbnWGZJ5RlwS8z4IKhq3ppF7HZg8pbWzA8IH1fSFZTHuadW3Vb2eObdrM_7sbJQCbJpJ3zH-PiYfumUnXDPbt_2Fd1Xv986k&sig=Cg0ArKJSzBIEx2AmOda6EAE&id=lidar2&mcvt=1000&p=0,0,254,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=0.98&app=0&itpl=19&adk=4239621017&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641414306290&rpt=540&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jan 2022 20:25:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST iex
csm.nl.eu.criteo.net/ Frame A23D 0
0

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame D28A 90 KB
32 KB 23ms
22ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017005&s=201702000053&t=1641414299109&u=0634d984-605e-7a31-14c7-e76628c658be&o=b8HIr&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer: https://ssp.hinet.net/
Origin: https://ssp.hinet.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:07 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-169d5"
vary: Accept-Encoding
x-hw: 1641414307.dop031.ml1.t,1641414307.cds223.ml1.hn,1641414307.cds013.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame D28A 79 KB
26 KB 18ms
17ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017005&s=201702000053&t=1641414299109&u=0634d984-605e-7a31-14c7-e76628c658be&o=b8HIr&show=static&ca=&k=&cab=&kb=&mode=roll

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

91ba5fd7f3b044739686c5558ef90c464271a94385010f7f27a39d5d8d94cf52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27061
x-xss-protection: 0
server: sffe
etag: "1093 / 439 of 1000 / last-modified: 1641382001"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Jan 2022 20:25:07 GMT

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D28A 348 KB
117 KB 19ms
18ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Jan 2022 20:25:07 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame D28A 107 B
122 B 35ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ssp.hinet.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 Jan 2022 20:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame D28A 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ssp.hinet.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 Jan 2022 20:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D28A 18 KB
8 KB 59ms
58ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4381210110210732&correlator=876015966816840&output=ldjh&impl=fifs&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220105&iu_parts=22590772197%2Cxuite_pcflot_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&bc=31&abxe=1&lmt=1641414307&dt=1641414307993&dlt=1641414307877&idt=107&ea=0&frm=8&biw=-12245933&bih=-12245933&isw=300&ish=250&oid=2&adxs=0&adys=0&adks=2700717014&ucis=3ogg3a80hhjp&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%2F%3Fc%3D2017005%26s%3D201702000053%26t%3D1641414299109%26u%3D0634d984-605e-7a31-14c7-e76628c658be%26o%3Db8HIr%26show%3Dstatic%26ca%3D%26k%3D%26cab%3D%26kb%3D%26mode%3Droll&ref=https%3A%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%2F%3Fc%3D2017005%26s%3D201702000053%26t%3D1641414299109%26u%3D0634d984-605e-7a31-14c7-e76628c658be%26o%3Db8HIr%26show%3Dstatic%26ca%3D%26k%3D%26cab%3D%26kb%3D%26mode%3Droll&top=https%3A%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%2F%3Fc%3D2017005%26s%3D201702000053%26t%3D1641414299109%26u%3D0634d984-605e-7a31-14c7-e76628c658be%26o%3Db8HIr%26show%3Dstatic%26ca%3D%26k%3D%26cab%3D%26kb%3D%26mode%3Droll&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=300x250&msz=300x250&ga_vid=1544566989.1641414308&ga_sid=1641414308&ga_hid=1827834393&ga_fc=false&fws=260&ohw=300&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9baf66c64c89aca049e238da3aa9b8736ff16ea3a4bf60be6c800bfb8630016c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8386
x-xss-protection: 0
google-lineitem-id: 5785067666
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138363151711
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ssp.hinet.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET container.html
a91c4c47ce4a68ea3f4f6df3e7d0d18e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6DC1 0
0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D28A 11 KB
8 KB 20ms
19ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

febf0f54fc24fb84dc600fda4a3274fad53106aea13053d6ed351f3fe05618de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 Jan 2022 20:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8396
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9F7A 0
0 41ms
41ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZpOc7p3RWJEKhw6hn5XUDG7XejI20dzsfimUSIdLouUX5QahJytEzQKjWjHCetpPSfNCdGN0LEq-b5nTEVLeod_8t3mpl-Q1Yq932770UCJFQn2xKFq8a_u21RzuZTCT5he_X_f5ZiO31XZ_YeDYxUZvjtekYJ4U36vjXxF3RQeqtAW0VVBp0LZ6tIDcAgi5s_UAjSj5zuWEa1ougdyRghnR1tPlQ3I-glsBWHfgCY52x6EPGpAK5CYq3mEAmu9VXXDu-tCP13fNUu9SFIx5k-mfVgjKZFQck0TY7Bof7_hTHabmXKLDkLiNMCY_kxETq&sig=Cg0ArKJSzNSOBpAOfT6kEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: xuite.net
URL: https://xuite.net/oklaqq

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 Jan 2022 20:25:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 adsbytenmax.js Show response
tenmax-static.cacafly.net/ssp/ Frame D28A 124 KB
37 KB 145ms
71ms Script
application/javascript 2606:4700:10::6816:8ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Requested by: Host: xuite.net
URL: https://xuite.net/oklaqq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:8ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc05e9f04683682906d0ad443881bd19fce83e240bbaeeb6ec814ce757204ee4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jan 2022 20:25:08 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: U63yZkrSK7TVVVQvpY1AAQ==
age: 7066
x-ms-lease-status: unlocked
last-modified: Thu, 18 Nov 2021 05:59:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6e787739-f01e-00b7-7041-dcedf2000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 6c8f6f21e8f00e1a-MXP

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9F7A 119 KB
36 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Jan 2022 20:25:08 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D28A 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Jan 2022 20:25:08 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9F7A 0
0 41ms
41ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukd0L1cv-qR8DhbOoyfie5H5acMA3hxRL5ctuJQ1tcwhV4IgmOQnDnMx1iGNQWkNdfVrO4MK_ZEwAZ1DJrlgVihY32B5g6oWwrIARV-muS45MLwHXWSp9OGmJ1OkbWFYXS376fnPtzlmLN6mbCcKMgyryNxiQ5mmxG9gOTpY47EUfyWxab4pWZUGGskrLkn567J_kjOQb82npmtubllwPWTg0kns7Mjo_YgVUilWsO9bpLu48U64mlkUqpOiDuBdL3oa0GIE2oSRxj7-J3OsJYVXIT3Un-CdWeUEEZaBv95Ee_n3MQCTO85TbGgU4A-kI8syw&sig=Cg0ArKJSzCN4x8Ho7PELEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 Jan 2022 20:25:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 05 Jan 2022 20:25:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 79BF 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Wed, 05 Jan 2022 18:32:35 GMT
expires: Thu, 05 Jan 2023 18:32:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 98F0 783 B
536 B 19ms
19ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

17fcb8bd08762d8bf08653b10b2ba5f38ec5417f9792b3d3ffc33b85574e54a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v6wncGG4lLLDjkNgrz0+Xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 05 Jan 2022 20:25:08 GMT
date: Wed, 05 Jan 2022 20:25:08 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-v6wncGG4lLLDjkNgrz0+Xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame 79BF 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 17:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 17:44:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 98F0 0
0 47ms
46ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=4381210110210732&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 200 b734323b-0532-40a6-8d4e-782e1c96bd3a
dmp.tenmax.io/p/ Frame D28A 43 B
528 B 3358ms
347ms Image
image/gif 211.21.190.218

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=167785125
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:25:11 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 200
OK plan Show response
ssp.tenmax.io/supply/v3/universal/ Frame D28A 228 B
585 B 3083ms
334ms XHR
application/json 211.21.190.218

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.tenmax.io/supply/v3/universal/plan?rmaxSpaceId=414eafd41b4e4b28&referer=https%3A%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%2F%3Fc%3D2017005%26s%3D201702000053%26t%3D1641414299109%26u%3D0634d984-605e-7a31-14c7-e76628c658be%26o%3Db8HIr%26show%3Dstatic%26ca%3D%26k%3D%26cab%3D%26kb%3D%26mode%3Droll&cacheBuster=d1a0ab82-9fdd-400f-ab2d-673945bac0ae
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a51d668cd4b44806260aea72a497c80a9a7c3eb07caadaad0b46bcc0fc4fcc24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:25:11 GMT
Server: nginx
Vary: Origin
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: https://ssp.hinet.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 228
X-Application-Context: application:prod,aggregator,build-ext:58070

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D28A 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=4381210110210732&bg=!goGlgcXNAAZKWFskSlg7ACkAdvg8Wndfg4SnJM_hZfntJbpdVx4VLWKpOlMjuSYbZiGjEUeW826_PgIAAABcUgAAAAtoAQeZAv3AngzO6n-f6FRCpoep9UZsYLaTWkxyQxZ64sNFSluWN5H-uMzxKcBNAF3UPPl9RR-UAD32SW82vmgQNFjjC0DrV6yakjYbQ9H6PvGpuZRve1ldw-wOzL2tsQSElBsSdG4QNhmgyPJa1NXokuVhvVsZ3MsQAV76GcD53UjdqvqmTrAByobbR2SOf4jIqX43tG7R5xK7zZ1ZRoMM7V7e6DHEBgHFkRV-AkBhtQo57s2G7Omr1EN3-dudP7gcGdGqbxNacKcPB9uQ6mCH42veVrVeQkbA4Fu4yYaTZO7loQ1Y0_PczLulsHXgFoj_-u75FZ5rdTuQ_lNp6YZfCZ8oR4QzFQGJzreX-lTeUy6n5WDAMVyBGmb-m-WFjviZBdY9qpd4UdxUUQErqDkFYmKYcn7yq0BQXW5ArxHrLh_VlmhvBHbTKwTWh6M4uyV8GR4CCjkaRWWcy_hG98iTXZFXa2LVdMb95LhtcazBI2BzGBMXu0ksXD1KwJSAHN44rOR4dZW282KPnZatV7Ns1tZA9oYGWeFEudmM1HArGJzJ-IRbrx0t4-OHDi89uiRQQIJEox_sqriAZOxCRWX5YhZ1VyUhnaOcyVnPNmvwRgMJuBL8e2TKCFA21WwD5Xz4-8L79zwBTFK2EPNrlHWg0-_wgaPEVpFYImqJ92TwFC_dytj2EvEjL_zHzyhsq_lex3cgAPdhv1yv11Q5I1Ljy7Kt9MNPBsMrCHE4ILmINnHK3uFcEf_Rwd4B52MuMhAVr0MWlM5uFwTieEdQn7xPPDPUPDbUdtZwAk4giCKE7tvUK8IEc0DkcR1hCqhwZM4aD9c9KcqpclcYTkP8usacoX8devIPpl9HV4gYGnygqjsrKJmfHcvntMSfddjDoNPGMUKWxEj0nlu94kZr008-gwMoH3lpLAK3lNMvpPk9j98TBo8SMUU5GCg3PvZYBE4kOjdk9koqQaZ_6oVRCrhIQHMtkHqyYWj5Eu-WXb0cgSvBc24kDBPpHTYeUdMUKPByLhE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jan 2022 20:25:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 third Show response
ssp.hinet.net/api/web/ Frame 874C 0
222 B 379ms
379ms XHR
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/third?c=2017005&s=201702000054&th=29&wc=3216
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://m.xuite.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:11 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true

GET
H2 200 third Show response
ssp.hinet.net/api/web/ Frame 236D 0
222 B 379ms
379ms XHR
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/third?c=2017005&s=201702000054&th=29&wc=3216
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://m.xuite.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:25:11 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true

GET
H/1.1 204
No Content done
ssp.tenmax.io/supply/tracking/ Frame D28A 0
206 B 322ms
322ms Image
text/plain 211.21.190.218

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/done?bid=94f41860-6e65-11ec-9b9a-11b6a6100fc6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:25:11 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 9339489a3603bfdcd3aaaeaf4ad3bb92.safeframe.googlesyndication.com
URL: https://9339489a3603bfdcd3aaaeaf4ad3bb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Domain: 708f07f6bfc9157b369d72371bb4ddc5.safeframe.googlesyndication.com
URL: https://708f07f6bfc9157b369d72371bb4ddc5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Domain: mug.criteo.com
URL: https://mug.criteo.com/sid?cpp=vMSCmXxBUmFOdnV4Y0hQMlJWZWRMck9jcjI0aFJHdG1SYWh4ZElNQTloYjMrclNYdHVacmNMLzEybXZicmpWeFdGTHY4OGpjamJTU011MHdiTFIyNVZpenQzTGNSRE0zTFJGSTV0bUdqcStoK0FWRlBEUDR2WDJIdTYrV0tlNEZ1Y1RkUE4zOElONFRaVDA1Rk4zeHBYMHdFNU9jVmVFL3R2R1lWbjR3bWFnMjZWTFJHRjZWbENmKzJyU3NRam1QN0FmdE5mSHo3L2hJVGN0Sm1ZUUVWZzNZdDJWSTYzNjRFME1leUxyQjdYNU15UGlteEg2Mm5xR1RxNjkyb3puaUpCcEdidVNMdkxHS2QvVjBzRXUzazVuVWNhdz09fA&cppv=2

Domain: csm.nl.eu.criteo.net
URL: https://csm.nl.eu.criteo.net/iex?gPath=Gum.ChromeSyncframe.SidReadError&msg=Failed%20to%20fetch&tag=Gum&tag=ChromeSyncframe&tag=SidReadError

Domain: a91c4c47ce4a68ea3f4f6df3e7d0d18e.safeframe.googlesyndication.com
URL: https://a91c4c47ce4a68ea3f4f6df3e7d0d18e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.xuite.net/home	1970-01-19 23:57:07	Name: sitemaji_tab Value: 1
.xuite.net/	1969-12-31 23:59:59	Name: XWWWSESSID Value: 46vp7iupnluhs3k0trk4h5jna2
.xuite.net/	1970-01-19 23:56:56	Name: __asc Value: 4a1671a917e2bea8778b4e8aac0
.xuite.net/	1970-01-20 08:43:56	Name: __auc Value: 4a1671a917e2bea8778b4e8aac0
.xuite.net/	1969-12-31 23:59:59	Name: FOTOSSID Value: o0ldh72nb7d5us12q0vd72soq6
.xuite.net/	1969-12-31 23:59:59	Name: referer Value: https%3A%2F%2Fphoto.xuite.net%2F%40ack
m.xuite.net/	1970-01-20 17:28:06	Name: adid Value: 216d457d-bdab-9822-564d-709a249c8aaa
.ssp.hinet.net/	1970-01-20 17:28:49	Name: uuid Value: 0634d984-605e-7a31-14c7-e76628c658be
.c.appier.net/	1970-01-20 08:42:30	Name: _auid Value: QxWwHiG1AeqgGlzBnf7VYQ
.m.xuite.net/	1970-01-20 17:28:06	Name: __utma Value: 165570275.471147196.1641414303.1641414303.1641414303.1
.m.xuite.net/	1969-12-31 23:59:59	Name: __utmc Value: 165570275
.m.xuite.net/	1970-01-20 04:19:42	Name: __utmz Value: 165570275.1641414303.1.1.utmcsr=xuite.net\|utmccn=(referral)\|utmcmd=referral\|utmcct=/
.m.xuite.net/	1970-01-19 23:56:54	Name: __utmt Value: 1
.m.xuite.net/	1970-01-19 23:56:56	Name: __utmb Value: 165570275.1.10.1641414303
.xuite.net/	1969-12-31 23:59:59	Name: XMYSESSID Value: jfkblken5k750h7ohja61a0st7
.hinet.net/	1970-01-20 17:28:06	Name: uuid Value: 218c9fbc-ed6d-497b-8937-45d3c78cd224
.xuite.net/	1970-01-20 08:42:30	Name: __htid Value: 218c9fbc-ed6d-497b-8937-45d3c78cd224
.xuite.net/	1970-01-20 09:18:30	Name: __gads Value: ID=5bc74d34f55ad5ea-22ac5b4617cd0080:T=1641414306:S=ALNI_MZzimvnTq6hKOafgOOPl_r6egHb0g
.doubleclick.net/	1970-01-20 09:18:30	Name: IDE Value: AHWqTUkWyFhfcJ0sJvpMkllVy91Nfz_a41cCTBQFq6hx0mMxLTURfxJZYk1Fgs0sB5k
.yahoo.com/	1970-01-20 08:42:51	Name: A3 Value: d=AQABBKL-1WECEFAP2oaAa8e7oWPCLWBvV-gFEgEBAQFQ12HfYQAAAAAA_eMAAA&S=AQAAAmQDJvebDg67tRD1WDqNztQ
.xuite.net/	1970-01-19 23:56:57	Name: _ht_em Value: 1
.criteo.com/	1970-01-20 09:18:30	Name: uid Value: 08280ac8-e4cf-4a18-b462-a9f1affe559c

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://ssp.hinet.net/api/app.js(Line 557) Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
security	error	Message: Refused to frame 'https://xuite.net/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
javascript	warning	URL: https://m.xuite.net/home/oklaqq Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://m.xuite.net/home/oklaqq Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

218c9fbc-ed6d-497b-8937-45d3c78cd224.t.ssp.hinet.net
708f07f6bfc9157b369d72371bb4ddc5.safeframe.googlesyndication.com
9339489a3603bfdcd3aaaeaf4ad3bb92.safeframe.googlesyndication.com
a91c4c47ce4a68ea3f4f6df3e7d0d18e.safeframe.googlesyndication.com
ad.sitemaji.com
ad2.apx.appier.net
adservice.google.com
adservice.google.de
adx.c.appier.net
apn.c.appier.net
avatar.xuite.net
bidder.criteo.com
cdn.js7k.com
cdnjs.cloudflare.com
certify.alexametrics.com
code.jquery.com
csm.nl.eu.criteo.net
d31qbv1cthcecs.cloudfront.net
dmp.tenmax.io
fundingchoicesmessages.google.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
img.xuite.net
m.xuite.net
mug.criteo.com
my.xuite.net
pagead2.googlesyndication.com
photo.xuite.net
pmp-beacon.apx.appier.net
prod-m-node-3113.ssp.yahoo.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
ssp.hinet.net
ssp.tenmax.io
static.criteo.net
stats.g.doubleclick.net
t.ssp.hinet.net
tenmax-static.cacafly.net
tpc.googlesyndication.com
web.ssp.yahoo.com
www.google.com
www.googletagservices.com
xuite.net
708f07f6bfc9157b369d72371bb4ddc5.safeframe.googlesyndication.com
9339489a3603bfdcd3aaaeaf4ad3bb92.safeframe.googlesyndication.com
a91c4c47ce4a68ea3f4f6df3e7d0d18e.safeframe.googlesyndication.com
csm.nl.eu.criteo.net
mug.criteo.com
13.224.193.3
13.224.193.92
142.250.185.226
172.104.70.67
178.250.0.165
178.250.2.150
2001:4de0:ac18::1:a:3a
2001:b000:1c9:7600:0:a:d23d:3822
2001:b000:1c9:7600:0:a:d23d:3826
2001:b000:1c9:7600:0:a:d23d:3827
2001:b000:1c9:7600:0:a:d23d:382a
2001:b000:1c9:7600:0:a:d23d:3831
203.75.213.47
203.75.214.136
211.21.190.218
2606:4700:10::6816:8ee
2606:4700::6810:125e
2a00:1288:80:800::7001
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9b
2a02:2638:1::13
2a02:2638:1::3
3.131.125.24
34.96.119.68
35.157.246.167
35.186.215.140
52.29.134.168
03fc68df1e139e553e59d20343974ee0658a802659955b4b860d2f674479d170
04c45b5d784c894b92dd81dfb767f63fac32ed052b67e0ae775990d84f5be793
12036c24d13bca94a73e4111a1ae74b78019699aa261d67cb302355577a54a20
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
17fcb8bd08762d8bf08653b10b2ba5f38ec5417f9792b3d3ffc33b85574e54a5
2496f1b76aa46054edab81ea47cf82ac2d94a0189d71c9ca36c41fa3370cf694
25f02e8a90158baa2b99fae0c81b6e22497d0edb1eece324298edaed00a63847
2b5e4e935a3c55113604e1a9d695ee414e6402a29179fbb2f020e8a40bd1c8a3
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
323275e6967715d085f8cc847d54f2632693b8e85ad4782b3a845af182fdb448
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
3a8274c46ec3f7a1cc1b66172a51a81fb69ed16b28bec9a3ee422525323b43ef
3e1472923732cf9e0f1aee885320a9ae1a0d91825486a7b1fd49cf4f5c59d2de
4097c4bdb4510938b64c56b104c3ad7671a70df53562a33ee0bd90e01e6d4bbc
4173c250a4737463fe825cc469be9e92d31c53c5bd173bfa9eaca367d5b07ba2
41f5e63f37797d4b6d51861ea16b24b64d474f150846e357e378939679e912f9
444aa59524491c2d8c4e9fdb88c1aa6d74304f578ccb2c2f0730f1f1db03366c
4b92b6a210a1c4ca08d3703f2956e8bdd64531d11e4d4fdc2408f709d46224d6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fab09927f9e0023e3685392a968a55ccc4a1df0a4c05ac99e9d3bb9ba5afe06
527d7ed0846e6a9e665e4695cb93e64da6c85e587c8dc9fbbc935d365da989e1
53633ef9e6c0b9662e0d24ddb187c7ab90f9b97947cfd57f910c344f0dbaf4b7
5423a325ed07524c28a5c9eb207b2ef3420eb55bdeebbac2d3cc4bf1d2b7314f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57145aadb133b9498c8f067617cd96b398e3312a3b6d9e195dfada28bba07292
595883f03dfabd439f283b5d5f5f2f3a4aa3dd4611a525e496003de3f8531cb5
5a3676f9a1132552c7c781186fa8e9d1691c038ae581b7b850e8b1c59dd8cc9a
5a4da43853b7efaf293b8eeb73d7ff62d83e38e7fc79e72e06fd8cf173622367
5dedff4a3cc7757e0127bd5df8b2b750223b3773c0c16becddee432038385251
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
607b6373b529d07da80e5c0bbce46ea42f08f93c3c0d5c26aa231cff4a2d80a5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a611499423ea7871d0ee1eaa3cf58cc4f286f6e9f336960a990181b46abb430
6b6b1cd19e67884c0a0bf95dde5afbccbc59395fa8d2abcdc4caab1d127ab311
6c0fa25cfd0830112aa27a81d10cd54949326920237aa74dd107b222db47659b
6c873b709e0fa7e03bda4b19b7478d12068b792ffc159eaeafa5cbd52d042783
7009ca6cdfe65e116dd86c97db4d3b3298cd50442cac6a59889300221d4dedd2
71588afe887b74f7d43d82b092b6d41bc8cd196d86e77e7b1acf79c7d4724b9f
717de370036c8ff23c0e7c3bf7f7b4b9fd06b760b9f5cc257325fc0ecdfed345
7182e8b6a6ce560ce174702b501b77a020a7549d779ebf07d522d32a1d91da06
723ef3cb4cb1680d448ebd4351b1fc349ff084ce1f4d8623ffdaec81b223d659
770008a560398e6ab513700705e2431fce9e999b8e10c299ad9c4dafd0c9010b
7d4d7833c66c169637609c251363cfbf654a7a614daba84e571916ec4028ac0f
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
81379f872082f5e98e828b54cec5e374f193805c644f39fe326db869277cba9f
82a7a2bc826f978cb4e0ff91da17bcfa8a2fcc23fa71cf463331c8b821627069
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833af79fceebd91289eb5aac891019a7e5bd2a99f74fbd8d8430f52d6f908f2d
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
893fa65f77fe7edb9c7ce7d38eafc50694f210402a4b693bd457e4acd2e26341
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d47911578eba021abc2c449e64f90caaee7b9c002e4067e8f02ba7a4b199031
8eb5929eae1e0e3d3c81801124e1d14a54e09769a16bf52973291f274194102d
90c5b0404204629c6782fa775c983ccd499b1ddb8e663d6fffe474113b49bb44
9137b33ceb0e8b966c5942abeff0ff11670e36afe176b73480fc24e7f214632d
917e19af2f131aac8cc5eb1b1229ee7ba17ee2f8180e5a478c6cdb68bae57f89
91ba5fd7f3b044739686c5558ef90c464271a94385010f7f27a39d5d8d94cf52
95980e999cb7c8e1d3ed8d1b392493b3720a4afca2a17a8ddaa14de12e8a4832
96d93e76c1782796c56ca32abb1aa999f0e340ee06efcde53a570cd9bd569e03
9baf66c64c89aca049e238da3aa9b8736ff16ea3a4bf60be6c800bfb8630016c
9e3af9a7e39f0a0097d0bed0b1f8ea5fe414550f3ed47613969e0766477ab6e9
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06b2069a29e8ec11194fafb2d80577880568e27d910e6eaa67e712a90fbb9bc
a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51d668cd4b44806260aea72a497c80a9a7c3eb07caadaad0b46bcc0fc4fcc24
ad15509027b05e8f36bc3a87648f084249b28e5f538ec6270248a95d53eddee3
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a
aeebd24dcd34631f0d9f7e421a4410bb48ad5bb1fc4e407075e86ee3bc6b6473
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3876ea3280559a56204fa578c794cb8fc4967dc74c026c0ebeb8c2ee88276f1
bb2114d1abd3e616d8dc4d960fb234916c29cc4bc4a65f43829af1f4ff99f71f
bc58f7e7a0ed86c18a0574ae23296518dd60cd08ed97265361b1be2faa8fbe91
bc9bb7440c95e6bf16b5f6299c8e3d1bc8c750cb0924066c4261412cf91ef562
bf28bf1749d5f6ac054b55c31c4f1e89bd3105c8b235cf4a4773100e8beda2cb
c0c97682d4a9500419530f90c2420e18748a0ce11e541c2c7d2bd753cb793ddd
c10b9f1663c17b87bbf86b0bb0901325bcae6eeb33e891af95781231cce255ba
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c2b3bd344266b0e4a44b8add0800dcbf04237255843c23d507a924b6584f9889
c730940e3b39f3d28a237fc2160d69c5726ff1f6faa036397e888bfe3a1b5ab2
cc05e9f04683682906d0ad443881bd19fce83e240bbaeeb6ec814ce757204ee4
ce173ea9161ac00ef25c1188064eb5f20bd0ac661f4ae396c3b55e1190503fde
cffa52d10d8eb937b1051b55f8b44b1febf5a7c0fcd9d6c453c16cee6eedb772
d41229f369557405de5b218daad429dd8216b8cfde394c3cd088c5002c998de7
d561a9993af830d7e3f6c221966fa1a0976aba05ed1480491cbfda5d9ac272db
d6c59c4e7e56198a12c2ab1972fc223e9e6736d6ceefc2f24d0e0663eb22ce32
d77b5fa8ab16e810b58ac909b4ad45c6568dfc3ff491d16567fce40288bf087d
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
e091e49dfd6df3afa2eadfb799c8703d4de4181707813348004d335bccf5f0a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d922c88faa2c6e4deffa0ea6996140613be579bf7b74d50944a7b8a93f5317
ea541769687eaa4727495d75c9d4757958b91519c10389d1e2bf4a7e42bae49f
ea90c0fd1b81888f4172394db78c8f26cd89955dc3aa4349027e04523781deea
eb3deb87ad964663392f43913d654f4d969874518552cc7f937ea342c1a5231b
ed0f122470c4d13d86bbabdc38046d743d0228204a56d786d2e17bd83fd358ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f5753aa7658345c5b491b736513f2888df4e0c58e7a19c0e7951cc24abbee9e1
faff7b2972ce0d9c1419bbd15f63968f626db9596767b3a600e08790394d860e
febf0f54fc24fb84dc600fda4a3274fad53106aea13053d6ed351f3fe05618de

m.xuite.net Open in urlscan Pro 2001:b000:1c9:7600:0:a:d23d:3827 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

169 Requests

95 %HTTPS

59 %IPv6

21 Domains

45 Subdomains

34 IPs

8 Countries

2382 kBTransfer

6114 kBSize

22 Cookies

18 Outgoing links

Page URL History

Redirected requests

169 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

m.xuite.net Open in urlscan Pro
2001:b000:1c9:7600:0:a:d23d:3827 Public Scan

Screenshot
Live screenshot

Full Image

169
Requests

95 %
HTTPS

59 %
IPv6

21
Domains

45
Subdomains

34
IPs

8
Countries

2382 kB
Transfer

6114 kB
Size

22
Cookies

169 HTTP transactions
1 data transactions